# Unmaintained with last release in 2019. We already patched it to work # with Python 3.9+. The upstream code is also vulnerable # to CVE-2022-40899. Above all, this library is completely redundant # to packages not supporting Python 2 anymore.
Does 0.18.3 released on Jan 12 2023 (at least that's what it says on https://pypi.org/project/future/) have the same limitations and vulnerabilities?
(In reply to BobbyK from comment #1) > Does 0.18.3 released on Jan 12 2023 (at least that's what it says on > https://pypi.org/project/future/) have the same limitations and > vulnerabilities? IIRC they've fixed *something* but definitely not all the things we were already patching.
commit 798006bc602e35ed1294bbd0c62aa23529802b37 Author: Eli Schwartz <eschwartz93@gmail.com> Date: Sun Mar 10 13:14:16 2024 -0400 package.mask: Last rite dev-python/future Signed-off-by: Eli Schwartz <eschwartz93@gmail.com> Signed-off-by: Sam James <sam@gentoo.org>
The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=abc0817f3b09a5a1fcdc33935cfe93719782d4a4 commit abc0817f3b09a5a1fcdc33935cfe93719782d4a4 Author: Michał Górny <mgorny@gentoo.org> AuthorDate: 2024-04-13 14:52:28 +0000 Commit: Michał Górny <mgorny@gentoo.org> CommitDate: 2024-04-13 14:54:44 +0000 dev-python/future: Remove last-rited pkg Closes: https://bugs.gentoo.org/888271 Signed-off-by: Michał Górny <mgorny@gentoo.org> dev-python/future/Manifest | 2 - dev-python/future/files/future-0.18.2-py3.10.patch | 29 ---------- .../future/files/future-0.18.2-py39-fileurl.patch | 22 -------- dev-python/future/files/future-0.18.2-py39.patch | 65 ---------------------- dev-python/future/future-0.18.3.ebuild | 46 --------------- dev-python/future/metadata.xml | 13 ----- profiles/package.deprecated | 7 --- profiles/package.mask | 12 ---- 8 files changed, 196 deletions(-)