[scl.org] Python "latest" SCLo

Davis, Daniel (NIH/NLM) [C] daniel.davis at nih.gov
Thu Jun 29 15:54:01 UTC 2017

The DevOps team wants to update to the latest Python as a rule as a security from security mitigation technique.    I hope that makes sense.

From: Brian Gollaher [mailto:bgollahe at redhat.com]
Sent: Thursday, June 29, 2017 11:50 AM
To: Davis, Daniel (NIH/NLM) [C] <daniel.davis at nih.gov>; sclorg at redhat.com
Subject: Re: [scl.org] Python "latest" SCLo

Hi Dan.  May I ask a question?  Is your security team looking for a fix to a specific security problem or CVE or are they asking that you run the latest version as a rule?


On 06/29/2017 11:24 AM, Davis, Daniel (NIH/NLM) [C] wrote:
I've been lurking on this list for a while, and I wanted to bring myself up to date.   I noticed some talk of a community SCL for a "latest" Python, which would be a non-patched pure build of Python that is kept up-to-date by the community.   Where is that at?   Who is leading it?   How can I help?

For background, we've used rh-python34 for some time, but our security team recently dinged us for sticking with Python 3.4.2, and my DevOps team (who have less time due to tickets), just recompiled Python 3.4.6 blind to get past the security problem.   I would have argued we should move to rh-python35, but that would eventually suffer the same problem.   What we need is a distribution that keeps up to date, but is still distributed as an rpm.


Dan Davis, Systems/Applications Architect (Contractor),
Office of Computer and Communications Systems,
National Library of Medicine, NIH


SCLorg mailing list

SCLorg at redhat.com<mailto:SCLorg at redhat.com>



Brian Gollaher

Red Hat Platform Product Management

Phone: 978 392-3173

Cell: 508 740-6549

briang at redhat.com<mailto:briang at redhat.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/sclorg/attachments/20170629/c200fd77/attachment.htm>

More information about the SCLorg mailing list