Message 185504 - Python tracker (original) (raw)

Sorry to reopen :-). It seems OpenSSL 1.0.1d was a kind of "brown paper bag" release, they've released 1.0.1e since (some of test_ssl can fail on 1.0.1d and succeed on 1.0.1e, as experienced on my Linux setup; the Windows buildbots also exhibit similar failures).

Following is their description of the fix:

“Changes between 1.0.1d and 1.0.1e [11 Feb 2013]

*) Correct fix for CVE-2013-0169. The original didn't work on AES-NI supporting platforms or when small records were transferred. [Andy Polyakov, Steve Henson]”