In article <cadisq7czsp1flv31izz01_9avgyzsc1j6+d2t5aup2byu97...@mail.gmail.com>, Nick Coghlan <ncogh...@gmail.com> wrote: > I have just posted a proposal to change the way we treat enhancements > that relate to Python's support for network security enhancements.
+1 [...] > Open Questions > ============== > > * What are the risks associated with allowing OpenSSL to be updated to > new feature versions in the Windows and Mac OS X binary installers for > maintenance releases? Regarding the python.org binary installers, I think past practice has been for us to update third-party libraries as necessary in maintenance releases when there is good cause and with the concurrence of the release manager, so I don't see this as a big issue. For the OS X binary installer, the issue for OpenSSL has been that we dynamically link to the system-supplied OpenSSL libraries and that, for various reasons, Apple has deprecated (and frozen at non-current OpenSSL releases) the use of those libraries in favor of their own security frameworks. So, for multiple reasons, including the risk that OpenSSL may be dropped from an upcoming major release of OS X, we need to start supplying our own version with all OS X binary installers. That's the plan regardless of the outcome of this PEP. -- Ned Deily, n...@acm.org _______________________________________________ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
