Python’s End-of-Life date is 129 days away, warns the UK National Cyber Security Centre (NCSC). “There will be no more bug fixes, or security updates, from Python’s core developers.”
An anonymous reader quotes ZDNet:
The UK’s cyber-security agency warned developers Thursday to consider moving Python 2.x codebases to the newer 3.x branch due to the looming end-of-life of Python 2, scheduled for January 1, 2020… “If you continue to use unsupported modules, you are risking the security of your organisation and data, as vulnerabilities will sooner or later appear which nobody is fixing.”
“If you maintain a library that other developers depend on, you may be preventing them from updating to 3,” the agency added. “By holding other developers back, you are indirectly and likely unintentionally increasing the security risks of others… If migrating your code base to Python 3 is not possible, another option is to pay a commercial company to support Python 2 for you,” the NCSC said.
The agency warns that companies who don’t invest in migrating their Python 2.x code might end up in the same position as Equifax or the WannaCry victims. “At the NCSC we are always stressing the importance of patching. It’s not always easy, but patching is one of the most fundamental things you can do to secure your technology,” the agency said. “The WannaCry ransomware provides a classic example of what can happen if you run unsupported software,” it said. “By making the decision to continue using Python 2 past its end of life, you are accepting all the risks that come with using unsupported software, while knowing that a secure version is available.”
of this story at Slashdot.
Source:: Slashdot