[oss-security] Dulwich security issue (fwd)
Mads Kiilerich
mads at kiilerich.com
Mon Mar 23 10:41:03 EDT 2015
On 03/23/2015 09:14 AM, Adi Kriegisch wrote:
> Hey!
>
> ...anything we need to do about that?
I don't know. I guess all we can do is to inform all users that they
probably have it installed as a dependency and that they should upgrade.
We could perhaps make a "secure" version mandatory in next release.
I can however not find the mentioned 0.9.9 anywhere, and pip only has a
0.10.0 which also don't have any release notes and I don't know how
backwards compatible it is.
/Mads
More information about the kallithea-general
mailing list