Hi, El 08/08/24 a las 12:10, Sylvain Beucler escribió: > Hello Security Team, > > python2.7 was marked unsupported in bullseye. > > We recently noted that pypy[v2] (included up to bullseye) and jython (all > dists) include the python2 stdlib. Unlike pypy3, neither package currently > track the associated CVEs. > > > Do we want to mark pypy and jython as EOL, or limited-support, in > debian-security-support?
For pypy and jython/bullseye, I would included them in security-support-limited.deb11, with the same rationale than for python2.7. Any objection? Security team, may we have your thoughts, especially about jython (since it is included also in bookworm and trixie)? > > Incidentally are there other packages that mass-embed python2 stdlib that we > should also consider (I checked data/embedded-code-copies)? > > Cheers! > Sylvain Beucler > Debian LTS Team > Cheers, -- Santiago
signature.asc
Description: PGP signature
