In case you're wondering about 3.5.10rc1
It's held up on SSL. Ubuntu 20.04 changed some security parameter tunings, which breaks some uses of the SSL module, and approximately eight modules in the test suite. I assume this wasn't caught on the buildbots because they don't use Ubuntu--or at least not a build that fresh. SSL and the test suite are all completely happy on older Ubuntu releases. One could argue "it's fine, most people still using 3.5 are also using old OSes anyway". But I don't want to release 3.5.10 if important functionality is broken on a popular OS. So I'm waiting for help from the ssl module maintainer(s) who are very kindly looking into it. My plan is to release 3.5.10rc1 once it passes the test suite on Ubuntu 20.04... whenever that is. 3.5.10 final will be automatically rescheduled for two weeks from that date. Hold tight, //arry/ p.s. Happy American Independence Day!
On 04.07.2020 10:01, Larry Hastings wrote:
It's held up on SSL. Ubuntu 20.04 changed some security parameter tunings, which breaks some uses of the SSL module, and approximately eight modules in the test suite. I assume this wasn't caught on the buildbots because they don't use Ubuntu--or at least not a build that fresh. SSL and the test suite are all completely happy on older Ubuntu releases.
One could argue "it's fine, most people still using 3.5 are also using old OSes anyway". But I don't want to release 3.5.10 if important functionality is broken on a popular OS.
Since it's in "security fixes only" mode, you can just claim that anything beyond that, compatibility with anything included, is not guaranteed. You had no problems using that defense before in https://mail.python.org/archives/list/python-dev@python.org/thread/YUT66GNSD...
So I'm waiting for help from the ssl module maintainer(s) who are very kindly looking into it.
My plan is to release 3.5.10rc1 once it passes the test suite on Ubuntu 20.04... whenever that is. 3.5.10 final will be automatically rescheduled for two weeks from that date.
Hold tight,
//arry/
p.s. Happy American Independence Day!
_______________________________________________ Python-Dev mailing list -- python-dev@python.org To unsubscribe send an email to python-dev-leave@python.org https://mail.python.org/mailman3/lists/python-dev.python.org/ Message archived at https://mail.python.org/archives/list/python-dev@python.org/message/O734ZY4W... Code of Conduct: http://python.org/psf/codeofconduct/ -- Regards, Ivan
On Sat, 4 Jul 2020 00:01:56 -0700 Larry Hastings <larry@hastings.org> wrote:
It's held up on SSL. Ubuntu 20.04 changed some security parameter tunings, which breaks some uses of the SSL module, and approximately eight modules in the test suite. I assume this wasn't caught on the buildbots because they don't use Ubuntu--or at least not a build that fresh. SSL and the test suite are all completely happy on older Ubuntu releases.
One could argue "it's fine, most people still using 3.5 are also using old OSes anyway". But I don't want to release 3.5.10 if important functionality is broken on a popular OS.
How does 3.5.9 work on the same system? If it gives out the same errors, then I'm sure there's much of a bother. Though of course, if some maintainer wants to fix/workaround the issues, then even better ;-) Regards Antoine.
On Sat, 4 Jul 2020 13:16:50 +0200 Antoine Pitrou <solipsis@pitrou.net> wrote:
On Sat, 4 Jul 2020 00:01:56 -0700 Larry Hastings <larry@hastings.org> wrote:
It's held up on SSL. Ubuntu 20.04 changed some security parameter tunings, which breaks some uses of the SSL module, and approximately eight modules in the test suite. I assume this wasn't caught on the buildbots because they don't use Ubuntu--or at least not a build that fresh. SSL and the test suite are all completely happy on older Ubuntu releases.
One could argue "it's fine, most people still using 3.5 are also using old OSes anyway". But I don't want to release 3.5.10 if important functionality is broken on a popular OS.
How does 3.5.9 work on the same system? If it gives out the same errors, then I'm sure there's much of a bother.
... then I'm /not/ sure, sorry. Regards Antoine.
Python 3.5.9 has the same problems on Ubuntu 20.04 as 3.5.10. //arry/ On 7/4/20 4:53 AM, Antoine Pitrou wrote:
On Sat, 4 Jul 2020 13:16:50 +0200 Antoine Pitrou <solipsis@pitrou.net> wrote:
On Sat, 4 Jul 2020 00:01:56 -0700 Larry Hastings <larry@hastings.org> wrote:
It's held up on SSL. Ubuntu 20.04 changed some security parameter tunings, which breaks some uses of the SSL module, and approximately eight modules in the test suite. I assume this wasn't caught on the buildbots because they don't use Ubuntu--or at least not a build that fresh. SSL and the test suite are all completely happy on older Ubuntu releases.
One could argue "it's fine, most people still using 3.5 are also using old OSes anyway". But I don't want to release 3.5.10 if important functionality is broken on a popular OS. How does 3.5.9 work on the same system? If it gives out the same errors, then I'm sure there's much of a bother. ... then I'm /not/ sure, sorry.
Regards
Antoine.
_______________________________________________ Python-Dev mailing list -- python-dev@python.org To unsubscribe send an email to python-dev-leave@python.org https://mail.python.org/mailman3/lists/python-dev.python.org/ Message archived at https://mail.python.org/archives/list/python-dev@python.org/message/7IKRKXRL... Code of Conduct: http://python.org/psf/codeofconduct/
On 04. 07. 20 9:01, Larry Hastings wrote:
It's held up on SSL. Ubuntu 20.04 changed some security parameter tunings, which breaks some uses of the SSL module, and approximately eight modules in the test suite. I assume this wasn't caught on the buildbots because they don't use Ubuntu--or at least not a build that fresh. SSL and the test suite are all completely happy on older Ubuntu releases.
One could argue "it's fine, most people still using 3.5 are also using old OSes anyway". But I don't want to release 3.5.10 if important functionality is broken on a popular OS. So I'm waiting for help from the ssl module maintainer(s) who are very kindly looking into it.
My plan is to release 3.5.10rc1 once it passes the test suite on Ubuntu 20.04... whenever that is. 3.5.10 final will be automatically rescheduled for two weeks from that date.
Hey Larry. Does any of the following patches help? Fix test_alpn_protocols from test_ssl as openssl > 1.1.0f changed the behaviour of the ALPN hook. Fixed upstream: http://bugs.python.org/issue30714 https://src.fedoraproject.org/rpms/python3.5/blob/master/f/00270-fix-ssl-alp... Not every target system may provide a crypt() function in its stdlibc and may use an external or replacement library, like libxcrypt, for providing such functions. Fixed upstream: https://bugs.python.org/issue32635 https://src.fedoraproject.org/rpms/python3.5/blob/master/f/00290-cryptmodule... -- Miro Hrončok -- Phone: +420777974800 IRC: mhroncok
participants (4)
-
Antoine Pitrou -
Ivan Pozdeev -
Larry Hastings -
Miro Hrončok