[Python-Dev] PEP 466 (round 2): Network security enhancements for Python 2.7
M.-A. Lemburg
mal at egenix.com
Mon Mar 24 10:10:18 CET 2014
On 23.03.2014 08:07, Nick Coghlan wrote:
> Open Questions
> ==============
>
> * What are the risks associated with allowing OpenSSL to be updated to
> new feature versions in the Windows and Mac OS X binary installers for
> maintenance releases? Currently we just upgrade to the appropriate
> OpenSSL maintenance releases, rather than switching to the latest
> feature release. In particular, is it possible Windows C extensions may
> be linking against the Python provided OpenSSL module?
Python's _ssl/_hashlib modules link statically against OpenSSL in
Python 2.7, so the OpenSSL DLLs are not exposed to other extensions.
The OpenSSL version used for 2.7.6 is 0.9.8y.
Upgrading to 1.0.0 or 1.0.1 will likely need a few minor tweaks, but
not cause general breakage - at least that's my experience with
the egenix-pyopenssl distribution.
--
Marc-Andre Lemburg
eGenix.com
Professional Python Services directly from the Source (#1, Mar 24 2014)
>>> Python Projects, Consulting and Support ... http://www.egenix.com/
>>> mxODBC.Zope/Plone.Database.Adapter ... http://zope.egenix.com/
>>> mxODBC, mxDateTime, mxTextTools ... http://python.egenix.com/
________________________________________________________________________
2014-03-29: PythonCamp 2014, Cologne, Germany ... 5 days to go
2014-04-09: PyCon 2014, Montreal, Canada ... 16 days to go
2014-04-29: Python Meeting Duesseldorf ... 36 days to go
eGenix.com Software, Skills and Services GmbH Pastor-Loeh-Str.48
D-40764 Langenfeld, Germany. CEO Dipl.-Math. Marc-Andre Lemburg
Registered at Amtsgericht Duesseldorf: HRB 46611
http://www.egenix.com/company/contact/
More information about the Python-Dev
mailing list