[Zope-dev] Python2.4 Security Audit ETA???

Tino Wildenhain tino at wildenhain.de
Tue Nov 29 01:31:21 EST 2005


Am Dienstag, den 29.11.2005, 17:16 +1100 schrieb Alan Milligan:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Hi,
...
> With the major distro's, Python is entrenched in their installer and gui
> processes and *all* packaging is focused around a single python (2.4 for
> everyone excepting our BastionLinux).

Not so true.

...
> We are getting an increasing number of people attempting to load
> incompatible packages.  It is not possible to downgrade python.  Most of
> userland is not competent to get a secondary python2.3 installation
> running - especially when packages such as python-ldap are simply not
> available for their old python and new ldap etc etc which all requires
> custom package builds.

Aha.
python2.1-ldap - A LDAP interface module for Python 2.1
python2.2-ldap - A LDAP interface module for Python 2.2
python2.3-ldap - A LDAP interface module for Python 2.3


> We are also stuck in a time-warp actually having to back-port a large
> proportion of recent linux packages because we'd like to make new
> features available, increasing costs and testing requirements.  It is
> also no longer possible for customers to subscribe to just a single
> channel because our core is substantially different to their chosen
> vendor's installation, and packages will be installed into meaningless
> python paths etc.
> 
> Can someone please give me an ETA on this, so I can decide if and how to
> support zope in light of other pressing linux requirements for our distro.

Well, while it would certainly fine to have said audit, it isnt really
a problem - every since different python versions could happily coexist
on every platforms I've seen. Even on win32.

But someone has to do it. If you feel the itch - would you help
scratching it at least?

++Tino



More information about the Zope-Dev mailing list