[Python-modules-team] Bug#932960: Bug#932960: python-django don't fix CVE and drop Python 2 support at the same time
Brian May
bam at debian.org
Thu Jul 25 08:50:05 BST 2019
Paul Gevers <elbrus at debian.org> writes:
> Your package is trying to fix a CVE, but at the same time dropping
> Python 2 support. There is a multitude of packages that need updating
> for that because they (test-) depend on python-django. I think it is
> smart to revert the Python 2 removal and have the security fix migrate
> to testing. I don't want to judge the severity of the CVE, but otherwise
> I recommend to remove python-django from testing until all the fall-out
> has been fixed.
Python 2 support was dropped by upstream when we updated to version
2.2.x. We cannot support Python 2 unless we reverted package to Django
1.11.x.
--
Brian May <bam at debian.org>
More information about the Python-modules-team
mailing list