OpenSSL should probably be upgraded to 0.9.8.c (or possibly 0.9.7.k)
because of the security patch.
http://www.openssl.org/
http://www.openssl.org/news/secadv_20060905.txt
I'm not sure which version shipped with the 2.4 windows binaries, but
externals (for 2.5) still points to 0.9.8.a, which is vulnerable.
openssl has also patched 0.9.7.k (0.9.7 was released in 2003) and the
patch itself
http://www.openssl.org/news/patch-CVE-2006-4339.txt
should apply to 0.9.6 (released in 2000).
-jJ
_______________________________________________
Python-Dev mailing list
[email protected]
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe:
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
