[Python-Dev] OpenSSL vulnerability
Anthony Baxter
anthony at interlink.com.au
Tue Sep 30 13:12:00 EDT 2003
>>> Thomas Heller wrote
> Is this enough reason to use OpenSSL version 0.9.7c instead of 0.9.7b
> for the 2.3.2 final windows installer, or should the release candidate
> remain unchanged?
>
> <http://www.openssl.org/news/secadv_20030930.txt>
I'd say build with the patched libraries, but only if you can test them
before then. OTOH, most of the advisory seems to be about server-side
problems, and the inbuilt SSL stuff in python is client stuff.
go-not-to-australians-for-answers-for-they-will-answer-both-yes-and-no,
Anthony
--
Anthony Baxter <anthony at interlink.com.au>
It's never too late to have a happy childhood.
More information about the Python-Dev
mailing list