Query on Python 3.2 and supported OpenSSL Versions
Chris Angelico
rosuav at gmail.com
Mon May 25 07:16:04 EDT 2015
On Mon, May 25, 2015 at 7:33 PM, Donal Duane <donal.duane at ericsson.com> wrote:
>
> Hi Python Users,
>
> I was hoping you might be able to assist me with a query:
>
> 2 Questions:
>
> 1. Could Python 3.2, when compiled against OpenSSL 1.0.0j, be affected by the poodle bug? https://www.openssl.org/~bodo/ssl-poodle.pdf
>
Just out of interest, is there a reason you can't use a newer Python
version? Since you talk about compiling Python, I assume you mean
CPython; and given that you're considering using a different OpenSSL,
you're quite probably already planning to compile from source. If
that's true, I would recommend building the latest - either a source
tarball of CPython 3.4, or the very latest beta of 3.5; personally,
I'm quite happy with the beta, but you might prefer to use a properly
released and numbered version.
If you can't recompile [C]Python, can you explain more about what
you're planning to do to change OpenSSL version, and why it needs to
be 3.2? That might help with the second part of your question.
ChrisA
More information about the Python-list
mailing list