Home - News ( United States | United Kingdom | Italy | Germany ) - Football scores

Showing content from https://mail.python.org/pipermail/python-dev/2015-July/140707.html below:

[Python-Dev] OpenSSL Security Advisory [9 Jul 2015]

• Previous message (by thread): [Python-Dev] OpenSSL Security Advisory [9 Jul 2015]
• Next message (by thread): [Python-Dev] modules dependencies issues
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 2015-07-09 15:29, Christian Heimes wrote:
> Hi,
> 
> this just came in. According to Zachary all Windows builds use 1.0.2c.
> The version is vulnerable to a critical bug in the CA validation code of
> OpenSSL. The bug can be abused to turn any valid server certificate into
> a CA cert.
> 
> We should consider a security release of Python ASAP.

Good news! I was too fast and it looks like we are mostly safe.

1.0.2c is only used in 3.5b3. The production builds are either using
1.0.2a or 1.0.1j.

Christian

• Previous message (by thread): [Python-Dev] OpenSSL Security Advisory [9 Jul 2015]
• Next message (by thread): [Python-Dev] modules dependencies issues
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

RetroSearch is an open source project built by @garambo | Open a GitHub Issue

Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo

HTML: 3.2 | Encoding: UTF-8 | Version: 0.7.4