We see this issue in production. It happens whenever we import pycrypto. We
couldn't find any solution, so we've reverted to the old version on the
assumption that this is an SDK problem.
On Tuesday, 20 December 2016 21:54:20 UTC, Nick (Cloud Platform Support)
wrote:
>
> Hey Mark,
>
> Any update on my last questions? Did you make a post to the Public Issue
> Tracker or would you like to keep corresponding here?
>
> Cheers,
>
> Nick
> Cloud Platform Community Support
>
> On Tuesday, December 6, 2016 at 6:41:40 AM UTC-5, Mark Cummins wrote:
>>
>> The new Python SDK (1.9.49) includes pycrypto update to 2.6.1.
>>
>> We've flipped over to the new library version, and we're now seeing
>> errors like this:
>>
>>
>> 11:28:31.524/base/data/home/runtimes/python27/python27_lib/versions/third_party/pycrypto-2.6.1/Crypto/Util/number.py:57:
>>
>> PowmInsecureWarning: Not using mpz_powm_sec. You should rebuild using
>> libgmp >= 5 to avoid timing attack vulnerability.
>> 11:28:31.524 _warn("Not using mpz_powm_sec. You should rebuild using
>> libgmp >= 5 to avoid timing attack vulnerability.", PowmInsecureWarning)
>>
>>
>> It looks like this is a platform problem with the new 1.9.49 SDK? Or are
>> we doing something to cause this?
>>
>
--
You received this message because you are subscribed to the Google Groups
"Google App Engine" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at https://groups.google.com/group/google-appengine.
To view this discussion on the web visit
https://groups.google.com/d/msgid/google-appengine/691c8292-7bfe-4d82-8004-2835ccfd2528%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
