component/python-2.7: version up python 2.7.14.

component/python-2.7/buildout.cfg

@@ -28,9 +28,9 @@ python = python2.7
 
 [python2.7]
 recipe = slapos.recipe.cmmi
-package_version = 2.7.13
+package_version = 2.7.14
 package_version_suffix =
-md5sum = 53b43534153bb2a0363f08bae8b9d990
+md5sum = 1f6db41ad91d9eb0a6f0c769b8613c5b
 
 # This is actually the default setting for prefix, but we can't use it in
 # other settings in this part if we don't set it explicitly here.

[Kirill Smelkov]

@kazuhiko, it is better to upgrade to 2.7.15, as many types in 2.7.14 are vulnerable to segmentation faults if a GC is triggered at particular tricky time.

Please see details about the issue here:

https://github.com/python/cpython/commit/4cde4bdcc86
https://bugs.python.org/issue31095

We actually hit a similar bug for real with wendelin.core:

wendelin.core!11 (closed)

/cc @nexedi

[Julien Muchembled]

Why not opening a MR directly with the 2-lines trivial change ? It's actually strange to comment here whereas 2.7.15 didn't exist at the time of this commit. And it's anyway always good to upgrade software when it does not break anything (no need for a security fix to justify).

It's likely that we'd only delay the upgrade to avoid causing all test nodes rebuilding many SR at a wrong moment.

[Kazuhiko Shiozaki]

I committed on erp5-component branch. 5f385220

[Jérome Perrin]

There's a SLAPOS-SR-TEST running for this patch at https://nexedi.erp5.net/test_result_module/20190110-3EF033B

[Jérome Perrin]

we already have a ERP5-component-SLAPOS-component result but it's very bad. wasn't cloudooo.erp5.net fixed ?