[Python-Dev] OS X 10.9 Mavericks -> 2.7.6/3.3.3 updates needed

Christian Heimes christian at python.org
Thu Oct 24 13:22:09 CEST 2013

Am 24.10.2013 11:26, schrieb Georg Brandl:
> Am 24.10.2013 11:11, schrieb Ned Deily:
>> I don't know where any other potential 2.7.6 or 3.3.3 issues stand at this 
>> point.  But I'd like Benjamin and Georg to propose an aggressive schedule so 
>> we can get these fixes out there.
> We've basically agreed to do rc releases this weekend.  I don't have time the
> weekend of Nov 2, so 3.3.3 final would be scheduled for Nov 9.  There are a
> few "unlimited read" issues still open; I will have a look at porting their
> patches tomorrow.

There seems to be a problem with the security fix "Re-seed OpenSSL's
PRNG after fork":


Perhaps it's best to disable the pthread_atfork() handler for the
upcoming releases and replace it with security note in the ssl module,
os.fork() and release notes.

If you are using fork() and the ssl module in the same application then
you must re-seed the PRNG with ssl.RAND_add() every now and then.


More information about the Python-Dev mailing list