Community
Select to view content in your preferred language

Python 2.7 support and ArcMap end-of-life

6039
7
Jump to solution
08-31-2020 11:43 AM
ChrisSmith7
by
Honored Contributor
‎08-31-2020 11:43 AM

Since Python 2.7.x has been completely unsupported since 1/2020, and ArcMap 10.8.1 will receive patches and hotfixes until 2/2024, will Esri take ownership in patching any future security vulnerabilities discovered in the Python 2.7.x library?

Is there anything official from Esri indicating ownership of security patches to the library while running within a version of ArcMap that is still supported?

0 Kudos
1 Solution

Accepted Solutions
KoryKramer
by Esri Community Moderator
Esri Community Moderator
‎08-31-2020 01:58 PM

Yes, if a Python-related security vulnerability were to be found, Esri will work to provide guidance or a patch to mitigate the vulnerability if technically possible.

View solution in original post

7 Replies
George_Thompson
by Esri Notable Contributor
Esri Notable Contributor
‎08-31-2020 11:58 AM

Here is a blog that I was able to find easily; How sunsetting Python 2 affects ArcGIS 

You may also want to reach out technical support for other guidance.

--- George T.
0 Kudos
ChrisSmith7
by
Honored Contributor
‎08-31-2020 12:15 PM

I reviewed that before posting - it wasn't clear whether or not Esri was taking full ownership of Python 2.7 and that they'd patch security vulnerabilities in the library. It seems to suggest they are, but it wasn't explicitly worded as such. For anything security-specific, there needs to be an abundance of clarity.

0 Kudos
JoeBorgione
by MVP Emeritus
MVP Emeritus
‎08-31-2020 12:16 PM

Probably not what anyone wants to hear, but this needs to be taken into consideration when planning your agency's migration to Pro.  How dependent are you python and how long are you going to kick the migration can down the road? 

I don't know how big your organization is with respect to ArcGIS users, but here we are at Q4 2020, and 2024 is going to get here before you know it.  

That should just about do it....
0 Kudos
ChrisSmith7
by
Honored Contributor
‎08-31-2020 12:22 PM

Even if the migration were to be completed within six months, my main concerns are, if there is a core security vulnerability revealed tomorrow, will Esri provide support and mitigation? ArcMap 10.8.1 wont even exit general availability until Q1 2022.

0 Kudos
George_Thompson
by Esri Notable Contributor
Esri Notable Contributor
‎08-31-2020 12:24 PM

Kory Kramer‌ - Is this something that you have any more insight into?

--- George T.
KoryKramer
by Esri Community Moderator
Esri Community Moderator
‎08-31-2020 01:58 PM

Yes, if a Python-related security vulnerability were to be found, Esri will work to provide guidance or a patch to mitigate the vulnerability if technically possible.

zdemirdjian
by
New Contributor
‎01-11-2021 07:54 AM

Is it be possible to uninstall the python 2.7 that is part of the ArcGIS Enterprise 10.8.1 and ArcMap 10.8.1 installation to resolve some of these vulnerability issues?