diff --git a/gnu/packages/python.scm b/gnu/packages/python.scm index 2ddd1198e8..dd3ef8f9a8 100644 --- a/gnu/packages/python.scm +++ b/gnu/packages/python.scm @@ -907,7 +907,13 @@ Python 3 support.") (define-public python2-setuptools (package-with-python2 python-setuptools)) - +;;; Pycrypto is abandoned upstream [0] and contains at least one bug that can be +;;; exploited to achieve arbitrary code execution [1]. +;;; +;;; TODO Remove this package from GNU Guix. +;;; +;;; [0] https://github.com/dlitz/pycrypto/issues/173 +;;; [1] https://github.com/dlitz/pycrypto/issues/176 (define-public python-pycrypto (package (name "python-pycrypto")