Heartbleed and the windows distributions on python.org
Ned Deily
nad at acm.org
Mon Apr 28 15:15:10 EDT 2014
In article <d576956a-5bcc-4508-bac1-87e954b7e3ec at googlegroups.com>,
Timothy McDonald <tmcdon4ld at gmail.com> wrote:
> I am building a cherrypy app that is testing as vulnerable to the heartbleed
> exploit. The app is running on the 64 bit 3.3.5 Windows distribution of
> python. An updated version of 64 bit Python 3.3.x for Windows or an updated
> pyopenssl? I am kind of surprised the distribution on python.org hasen't been
> updated.
The current release of Python 3 is 3.4.0. A 3.4.1 maintenance release,
with OpenSSL updated in the Windows installer, is planned for final
release in mid-May. Python 3.3.x is now in security-fix-only mode which
means only source fixes for security problems are released as needed and
no further binary installers for Windows or OS X are produced. (The
Python 2 Windows installer is not affected since it bundles an older,
pre-heartbleed version of OpenSSL.)
--
Ned Deily,
nad at acm.org
More information about the Python-list
mailing list