[Python-Dev] Windows installers and OpenSSL
Gregory P. Smith
greg at krypto.org
Thu Apr 10 23:50:34 CEST 2014
Yep. All binary Python distributions that bundle SSL support need updating.
But... what MRAB said.
We also *likely* have SSL certificates and SSH host keys on
python.orginfrastructure that need to be revoked and new certs
reissued
*after* all of those machines have been patched and their services
restarted. Including hg.python.org.
-gps
On Thu, Apr 10, 2014 at 10:51 AM, MRAB <python at mrabarnett.plus.com> wrote:
> On 2014-04-10 14:41, Paul Moore wrote:
>
>> Given the OpenSSL vulnerability and the fact that we bundle OpenSSL
>> with the Windows installers (1.0.1e in Python 3.4.0) should we be
>> releasing updated installers?
>>
>> I'd say yes, but, then, I wouldn't be doing any of the work...
>
> _______________________________________________
> Python-Dev mailing list
> Python-Dev at python.org
> https://mail.python.org/mailman/listinfo/python-dev
> Unsubscribe: https://mail.python.org/mailman/options/python-dev/
> greg%40krypto.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-dev/attachments/20140410/11011857/attachment-0001.html>
More information about the Python-Dev
mailing list