Jim Jewett schrieb: > OpenSSL should probably be upgraded to 0.9.8.c (or possibly 0.9.7.k) > because of the security patch. > > http://www.openssl.org/ > http://www.openssl.org/news/secadv_20060905.txt > > I'm not sure which version shipped with the 2.4 windows binaries, but > externals (for 2.5) still points to 0.9.8.a, which is vulnerable.
If there is any change, it should be to 0.9.7k; we shouldn't switch to a new "branch" of OpenSSL in micro releases. However, I'm uncertain whether I can do the update in next weeks. Regards, Martin _______________________________________________ Python-Dev mailing list Python-Dev@python.org http://mail.python.org/mailman/listinfo/python-dev Unsubscribe: http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
