[Python-Dev] Issue 21671: CVE-2014-0224 OpenSSL upgrade to 1.0.1h on Windows required (original) (raw)
Cory Benfield cory at lukasa.co.uk
Wed Jun 18 09🔞24 CEST 2014
- Previous message: [Python-Dev] Issue 21671: CVE-2014-0224 OpenSSL upgrade to 1.0.1h on Windows required
- Next message: [Python-Dev] Issue 21671: CVE-2014-0224 OpenSSL upgrade to 1.0.1h on Windows required
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 17 June 2014 17:41, Yates, Andy (CS Houston, TX) <ayates at hp.com> wrote:
Is it possible to drop in new OpenSSL versions on Windows without rebuilding Python?
If you think this is a problem you're going to have more than once, you'll want to look hard at whether it's worth using pyOpenSSL (either the egenix version or the PyCA one[1]) instead, and delivering binary releases with a bundled copy of OpenSSL. PyOpenSSL from PyCA is actually considering bundling OpenSSL on Windows anyway[2], so you might find this problem goes away.
[1] https://github.com/pyca/pyopenssl [2] https://github.com/pyca/cryptography/issues/1121
- Previous message: [Python-Dev] Issue 21671: CVE-2014-0224 OpenSSL upgrade to 1.0.1h on Windows required
- Next message: [Python-Dev] Issue 21671: CVE-2014-0224 OpenSSL upgrade to 1.0.1h on Windows required
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]