On Thu, Aug 29, 2024 at 05:06:51PM -0300, Santiago Ruano Rincón wrote:
>
> Following a discussion on IRC, it seems that for bullseye, it would make
> more sense to explicitly declare the python 2 ecosystem (python2.7,
> pypy, jython) as non supported. This is actually the current status,
> since p
> > track the associated CVEs.
> > > >
> > > >
> > > > Do we want to mark pypy and jython as EOL, or limited-support, in
> > > > debian-security-support?
> > >
> > > For pypy and jython/bullseye, I would included them in
> &g
dists) include the python2 stdlib. Unlike pypy3, neither package currently
track the associated CVEs.
Do we want to mark pypy and jython as EOL, or limited-support, in
debian-security-support?
For pypy and jython/bullseye, I would included them in
security-support-limited.deb11, with the same
ncluded up to bullseye) and jython (all
> > dists) include the python2 stdlib. Unlike pypy3, neither package currently
> > track the associated CVEs.
> >
> >
> > Do we want to mark pypy and jython as EOL, or limited-support, in
> > debian-security-support?
>
rently
> track the associated CVEs.
>
>
> Do we want to mark pypy and jython as EOL, or limited-support, in
> debian-security-support?
For pypy and jython/bullseye, I would included them in
security-support-limited.deb11, with the same rationale than for
python2.7. Any objection?
Hello Security Team,
python2.7 was marked unsupported in bullseye.
We recently noted that pypy[v2] (included up to bullseye) and jython
(all dists) include the python2 stdlib. Unlike pypy3, neither package
currently track the associated CVEs.
Do we want to mark pypy and jython as EOL, or l
