On Wed, 2006-12-20 at 19:51 -0800, Steve Langasek wrote: > On Tue, Dec 19, 2006 at 11:17:03AM -0800, Thomas Bushnell BSG wrote: > > The python team has apparently decreed that python 2.3 will not be in > > etch. This forces every package to use the new version. Surely it is > > too late in the release cycle to be risking regressions in this way? > > The python team has expressed concern about the security supportability of > python2.3 in etch. Extension packages built with the current version of > python-all-dev and friends already have no support for python2.3; shipping > python2.3 in stable for the benefit of a handful of reverse dependencies is > a genuine concern, particularly when those reverse-deps work just fine with > python 2.4. And yet, this isn't the only case. Users actually use the programs in Debian, not just other parts of Debian. Why is python 2.3 some sort of security nightmare? And what suddenly happened to make it one? What about users who are depending on Python 2.3? Do they just lose? It seems to me that for things like this, our releases should always have the next-oldest version as an option for those users. Thomas
Attachment:
signature.asc
Description: This is a digitally signed message part