Issue 31392: Upgrade installers to OpenSSL 1.1.0g and 1.0.2n (original) (raw)

This issue has been migrated to GitHub: https://github.com/python/cpython/issues/75573

classification

Title: Upgrade installers to OpenSSL 1.1.0g and 1.0.2n
Type: enhancement Stage: resolved
Components: macOS, SSL, Windows Versions: Python 3.7, Python 3.6

process

Status: closed Resolution: out of date
Dependencies: Superseder:
Assigned To: Nosy List: christian.heimes, ned.deily, paul.moore, ronaldoussoren, steve.dower, tim.golden, vstinner, zach.ware
Priority: normal Keywords: patch

Created on 2017-09-08 02:52 by steve.dower, last changed 2022-04-11 14:58 by admin. This issue is now closed.

Pull Requests
URL Status Linked Edit
PR 3448 merged steve.dower,2017-09-08 02:53
PR 3466 merged christian.heimes,2017-09-08 22:19
PR 4715 merged ned.deily,2017-12-05 03:10
PR 4716 merged python-dev,2017-12-05 03:25
Messages (12)
msg301673 - (view) Author: Steve Dower (steve.dower) * (Python committer) Date: 2017-09-08 02:52
As per usual
msg301744 - (view) Author: Christian Heimes (christian.heimes) * (Python committer) Date: 2017-09-08 22:16
New changeset e6eb48c10dc389d1d70657593de6a6cb3087d3d1 by Christian Heimes (Steve Dower) in branch 'master': bpo-31400: Improve SSL error handling on Windows (#3463) https://github.com/python/cpython/commit/e6eb48c10dc389d1d70657593de6a6cb3087d3d1
msg301770 - (view) Author: Steve Dower (steve.dower) * (Python committer) Date: 2017-09-09 13:13
New changeset b84bcc48ae31c385fe480c08c05d95212ef7fcdc by Steve Dower in branch 'master': bpo-31392: Update SSL build for 1.1.0 (#3448) https://github.com/python/cpython/commit/b84bcc48ae31c385fe480c08c05d95212ef7fcdc
msg301776 - (view) Author: Christian Heimes (christian.heimes) * (Python committer) Date: 2017-09-09 15:22
New changeset 16f16dbd0ed02cd1a7b270eb6dd80d9bd179902e by Christian Heimes in branch '3.6': [3.6] bpo-31400: Improve SSL error handling on Windows (GH-3463) (#3466) https://github.com/python/cpython/commit/16f16dbd0ed02cd1a7b270eb6dd80d9bd179902e
msg302160 - (view) Author: Christian Heimes (christian.heimes) * (Python committer) Date: 2017-09-14 09:37
Ned, can you take care of macOS? Victor noted that master still builds with 1.0.2k.
msg302161 - (view) Author: STINNER Victor (vstinner) * (Python committer) Date: 2017-09-14 09:39
FYI I wrote a script to get the version of all library copies embedded in CPython: https://github.com/haypo/misc/blob/master/cpython/external_versions.py This is how I noticed the OpenSSL version inconsistency.
msg307519 - (view) Author: Ned Deily (ned.deily) * (Python committer) Date: 2017-12-03 18:13
1.1.0g and 1.0.2m are out as of 2017-11-02 so both Windows and Mac installer builds for 3.7 and 3.6 should be updated. (I'll take care of the Mac ones.)
msg307627 - (view) Author: Ned Deily (ned.deily) * (Python committer) Date: 2017-12-05 03:24
New changeset 24e046987b8e34bb4f1f3fd9bd31f1d605e347dc by Ned Deily in branch 'master': bpo-31392: Update macOS installer to use OpenSSL 1.0.2m (#4715) https://github.com/python/cpython/commit/24e046987b8e34bb4f1f3fd9bd31f1d605e347dc
msg307633 - (view) Author: Ned Deily (ned.deily) * (Python committer) Date: 2017-12-05 03:54
New changeset 0bec5e147a6c0f62517df8e7033a38087451d5d4 by Ned Deily (Miss Islington (bot)) in branch '3.6': [3.6] bpo-31392: Update macOS installer to use OpenSSL 1.0.2m (GH-4715) (#4716) https://github.com/python/cpython/commit/0bec5e147a6c0f62517df8e7033a38087451d5d4
msg307635 - (view) Author: Ned Deily (ned.deily) * (Python committer) Date: 2017-12-05 04:02
Updated the 3.7.0a3 and 3.6.4 macOS installer builds to 1.0.2m; I'll get 3.7.x to 1.1.0 before 3.7.0a4.
msg307917 - (view) Author: Ned Deily (ned.deily) * (Python committer) Date: 2017-12-09 21:18
And now 1.0.2n is out. I'm not sure how vulnerable Python is to the main problem fixed (see https://www.openssl.org/news/secadv/20171207.txt) which only impacts 1.0.2.x but I'd be willing to pull it into 3.6.4 final for the Windows and macOS installers.
msg325383 - (view) Author: Ned Deily (ned.deily) * (Python committer) Date: 2018-09-14 18:45
Sorry, this should have been closed a while back. We're now on to 1.0.2p for 3.6.7 and 1.1.0i for 3.7.1.
History
Date User Action Args
2022-04-11 14:58:52 admin set github: 75573
2018-09-14 18:45:58 ned.deily set status: open -> closedresolution: out of datemessages: + stage: patch review -> resolved
2017-12-09 21🔞21 ned.deily set messages: + title: Upgrade installers to OpenSSL 1.1.0g and 1.0.2m -> Upgrade installers to OpenSSL 1.1.0g and 1.0.2n
2017-12-05 04:02:20 ned.deily set messages: +
2017-12-05 03:54:46 ned.deily set messages: +
2017-12-05 03:25:48 python-dev set pull_requests: + <pull%5Frequest4626>
2017-12-05 03:24:43 ned.deily set messages: +
2017-12-05 03:10:15 ned.deily set stage: needs patch -> patch reviewpull_requests: + <pull%5Frequest4625>
2017-12-03 18:13:32 ned.deily set versions: + Python 3.6title: Upgrade installers to OpenSSL 1.1.0f -> Upgrade installers to OpenSSL 1.1.0g and 1.0.2mmessages: + assignee: ned.deily -> stage: patch review -> needs patch
2017-09-14 09:39:29 vstinner set nosy: + vstinnermessages: +
2017-09-14 09:37:40 christian.heimes set assignee: christian.heimes -> ned.deilymessages: +
2017-09-09 15:22:13 christian.heimes set messages: +
2017-09-09 13:13:09 steve.dower set messages: +
2017-09-08 22:19:40 christian.heimes set pull_requests: + <pull%5Frequest3459>
2017-09-08 22:16:17 christian.heimes set messages: +
2017-09-08 02:53:17 steve.dower set keywords: + patchstage: patch reviewpull_requests: + <pull%5Frequest3448>
2017-09-08 02:52:49 steve.dower create