On 24.10.2013 11:26, Georg Brandl wrote:
> On 24.10.2013 11:11, Ned Deily wrote:
> 
>> I don't know where any other potential 2.7.6 or 3.3.3 issues stand at this 
>> point.  But I'd like Benjamin and Georg to propose an aggressive schedule so 
>> we can get these fixes out there.
>>
> 
> We've basically agreed to do rc releases this weekend.  I don't have time the
> weekend of Nov 2, so 3.3.3 final would be scheduled for Nov 9.  There are a
> few "unlimited read" issues still open; I will have a look at porting their
> patches tomorrow.

There seems to be a problem with the security fix "Re-seed OpenSSL's
PRNG after fork":

  http://bugs.python.org/issue18747
  http://bugs.python.org/issue19227

Perhaps it's best to disable the pthread_atfork() handler for the
upcoming releases and replace it with a security note in the ssl module,
os.fork() and release notes.

<big_friendy_letters>
If you are using fork() and the ssl module in the same application then
you must re-seed the PRNG with ssl.RAND_add() every now and then.
</big_friendy_letters>

Christian