[Python-Dev] PEP 466 (round 2): Network security enhancements for Python 2.7

M.-A. Lemburg mal at egenix.com
Mon Mar 24 10:10:18 CET 2014

On 23.03.2014 08:07, Nick Coghlan wrote:
> Open Questions
> ==============
> * What are the risks associated with allowing OpenSSL to be updated to
>   new feature versions in the Windows and Mac OS X binary installers for
>   maintenance releases? Currently we just upgrade to the appropriate
>   OpenSSL maintenance releases, rather than switching to the latest
>   feature release. In particular, is it possible Windows C extensions may
>   be linking against the Python provided OpenSSL module?

Python's _ssl/_hashlib modules link statically against OpenSSL in
Python 2.7, so the OpenSSL DLLs are not exposed to other extensions.

The OpenSSL version used for 2.7.6 is 0.9.8y.

Upgrading to 1.0.0 or 1.0.1 will likely need a few minor tweaks, but
not cause general breakage - at least that's my experience with
the egenix-pyopenssl distribution.

Marc-Andre Lemburg

Professional Python Services directly from the Source  (#1, Mar 24 2014)
>>> Python Projects, Consulting and Support ...   http://www.egenix.com/
>>> mxODBC.Zope/Plone.Database.Adapter ...       http://zope.egenix.com/
>>> mxODBC, mxDateTime, mxTextTools ...        http://python.egenix.com/
2014-03-29: PythonCamp 2014, Cologne, Germany ...           5 days to go
2014-04-09: PyCon 2014, Montreal, Canada ...               16 days to go
2014-04-29: Python Meeting Duesseldorf ...                 36 days to go

   eGenix.com Software, Skills and Services GmbH  Pastor-Loeh-Str.48
    D-40764 Langenfeld, Germany. CEO Dipl.-Math. Marc-Andre Lemburg
           Registered at Amtsgericht Duesseldorf: HRB 46611

More information about the Python-Dev mailing list