#2078 new
Robert Rettig

Update bundled python

Reported by Robert Rettig | January 19th, 2017 @ 10:12 AM

The bundled python for windows operating system is from version 2.6.1
There are several fixes and security fixes which are even relevant for the functionality used by Play!

Framework version: all
Platform you're using: windows

Reproduction steps: No steps just check the versions. And check for CVE and Patch Notes on https://hg.python.org/cpython/raw-file/v2.7.13/Misc/NEWS
especially the openssl updates.

Details: for example urllib2 is used in the Play! command status to check running instances of Play! even over internet connections!

# find ~/git/play/framework/pym -name *.py -exec grep -H -n -E -e 'urllib2' {} \;
~/git/play/framework/pym/play/commands/status.py:5:import urllib2
~/git/play/framework/pym/play/commands/status.py:54:        proxy_handler = urllib2.ProxyHandler({})
~/git/play/framework/pym/play/commands/status.py:55:        req = urllib2.Request(url)
~/git/play/framework/pym/play/commands/status.py:57:        opener = urllib2.build_opener(proxy_handler)
~/git/play/framework/pym/play/commands/status.py:63:    except urllib2.HTTPError, e:
~/git/play/framework/pym/play/commands/status.py:67:    except urllib2.URLError, e:
~/git/play/framework/pym/play/commands/deps.py:3:import urllib, urllib2
~/git/play/framework/pym/play/commands/modulesrepo.py:6:import urllib2
~/git/play/framework/pym/play/commands/modulesrepo.py:537:        req = urllib2.Request(url)
~/git/play/framework/pym/play/commands/modulesrepo.py:539:        result = urllib2.urlopen(req)
~/git/play/framework/pym/play/commands/modulesrepo.py:541:    except urllib2.HTTPError, e:
~/git/play/framework/pym/play/commands/modulesrepo.py:546:    except urllib2.URLError, e:
~/git/play/framework/pym/play/commands/autotest.py:6:import urllib, urllib2
~/git/play/framework/pym/play/commands/autotest.py:49:        proxy_handler = urllib2.ProxyHandler({})
~/git/play/framework/pym/play/commands/autotest.py:50:        opener = urllib2.build_opener(proxy_handler)
~/git/play/framework/pym/play/commands/autotest.py:143:        proxy_handler = urllib2.ProxyHandler({})
~/git/play/framework/pym/play/commands/autotest.py:144:        opener = urllib2.build_opener(proxy_handler)
~/git/play/framework/pym/play/commands/evolutions.py:3:import urllib, urllib2
~/git/play/framework/pym/play/commands/check.py:3:import urllib, urllib2
~/git/play/framework/pym/play/commands/check.py:44:        req = urllib2.Request(TAGS_URL)
~/git/play/framework/pym/play/commands/check.py:46:        opener = urllib2.build_opener()
~/git/play/framework/pym/play/commands/check.py:54:    except urllib2.HTTPError, e:
~/git/play/framework/pym/play/commands/check.py:59:    except urllib2.URLError, e:
~/git/play/framework/pym/play/commands/base.py:8:import urllib2

Comments and changes to this ticket

  • Robert Rettig

    Robert Rettig January 20th, 2017 @ 02:10 PM

    Or give some hints how to switch to a own python runtime on windows.

  • Reyes D

    Reyes D September 6th, 2017 @ 04:19 PM

    Thanks for the updated bundle python that is really useful for the developers. The people who work with play framework they can get lots of help here from topaussiewriters professionals. I really like to learn some computer programming language to fix the issues and Java programming language is my favorite.

  • lioneljohn

    lioneljohn February 22nd, 2018 @ 10:47 AM

    Thanks for the details regarding the bundled python update shared here. I was looking to find some information regarding the same for the last few days and glad to find this piece of detail here. Please keep sharing more useful stuff like this here. wooden beads

Please Sign in or create a free account to add a new ticket.

With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.

New-ticket Create new ticket

Create your profile

Help contribute to this project by taking a few moments to create your personal profile. Create your profile »

<h2>Play framework</h2>

Play makes it easier to build Web applications with Java. It is a clean alternative to bloated Enterprise Java stacks. It focuses on developer productivity and targets RESTful architectures. Learn more on the <a href="http://www.playframework.org">http://www.playframework.org</a> website.<br><br>

<h2>Source code is hosted on github</h2>Check out our repository at <a href="http://github.com/playframework/play">http://github.com/playframework/play</a><br><br>

<h2>Contributing, creating a patch</h2> Please read the <a href="http://play.lighthouseapp.com/projects/57987/contributor-guide">contributor guide</a><br><br>

<h2>Reporting Security Vulnerabilities</h2> Since all bug reports are public, please report any security vulnerability directly to <em>guillaume dot bort at gmail dot com</em>.<br><br>

<h2>Creating a bug report</h2> Bug reports are incredibly helpful, so take time to report bugs and request features in our ticket tracker. We’re always grateful for patches to Play’s code. Indeed, bug reports with attached patches will get fixed far quickly than those without any.<br><br>

Please include as much relevant information as possible including the exact framework version you're using and a code snippet that reproduces the problem.<br><br>

Don't have too much expectations. Unless the bug is really a serious "everything is broken" thing, you're creating a ticket to start a discussion. Having a patch (or a branch on Github we can pull from) is better, but then again we'll only pull high quality branches that make sense to be in the core of Play.

Pages