[Python-Dev] OpenSSL vulnerability
"Martin v. Löwis"
martin at v.loewis.de
Sun Nov 8 19:56:23 CET 2009
>> Also, for Python 2.5 and earlier, any SSL-based code is vulnerable to a MitM
>> anyway, so this can only be an issue for code using the new APIs in Python
>> 2.6.
>
> That's not going to stop the
> wannabe-self-proclaimed-so-called-vulnerability-"experts" from whining
> about Python not releasing updated binary distributions though. :-(
The Windows binaries currently build with 0.9.8g. Since changing that
would be a source code change (even though just a single line), I think
a full source release would be necessary (most likely then for both 2.6
and 3.1).
Regards,
Martin
More information about the Python-Dev
mailing list