Message from discussion If there was massive security hole found in Django, are there plans in place to deal with it?
Received: by 10.36.100.15 with SMTP id x15mr50453nzb;
Wed, 09 Aug 2006 21:49:22 -0700 (PDT)
Received: from 22.214.171.124 by q16g2000cwq.googlegroups.com with HTTP;
Thu, 10 Aug 2006 04:49:21 +0000 (UTC)
From: "Jason Huggins" <jrhugg...@gmail.com>
To: "Django developers" <firstname.lastname@example.org>
Subject: Re: If there was massive security hole found in Django, are there plans in place to deal with it?
Date: Wed, 09 Aug 2006 21:49:21 -0700
X-HTTP-UserAgent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:126.96.36.199) Gecko/20060728 Firefox/188.8.131.52,gzip(gfe),gzip(gfe)
Content-Type: text/plain; charset="iso-8859-1"
James Bennett wrote:
> > 3) Is there any sort of policy or promise on how many versions back
> > Django devs are willing to go back and support?
> The documentation page Malcolm linked states that patches will be
> developed for the current release and the two releases previous to it.
> That seems like a fairly sane policy, is roughly in line with what
> some of the more popular Linux distros do.
Ugh. May bad... I must have missed that. Right there it says, "[For
security issues, we'll] Halt all other development as long as is needed
to develop a fix, including patches against the current and two
Thanks for answering my questions, everyone. I'll try to read the docs
more closely next time... :-)