[Python-Dev] OS X 10.9 Mavericks -> 2.7.6/3.3.3 updates needed
Christian Heimes
christian at python.org
Thu Oct 24 13:22:09 CEST 2013
Am 24.10.2013 11:26, schrieb Georg Brandl:
> Am 24.10.2013 11:11, schrieb Ned Deily:
>
>> I don't know where any other potential 2.7.6 or 3.3.3 issues stand at this
>> point. But I'd like Benjamin and Georg to propose an aggressive schedule so
>> we can get these fixes out there.
>>
>
> We've basically agreed to do rc releases this weekend. I don't have time the
> weekend of Nov 2, so 3.3.3 final would be scheduled for Nov 9. There are a
> few "unlimited read" issues still open; I will have a look at porting their
> patches tomorrow.
There seems to be a problem with the security fix "Re-seed OpenSSL's
PRNG after fork":
http://bugs.python.org/issue18747
http://bugs.python.org/issue19227
Perhaps it's best to disable the pthread_atfork() handler for the
upcoming releases and replace it with security note in the ssl module,
os.fork() and release notes.
<big_friendy_letters>
If you are using fork() and the ssl module in the same application then
you must re-seed the PRNG with ssl.RAND_add() every now and then.
</big_friendy_letters>
Christian
More information about the Python-Dev
mailing list