Hi I'm not sure, but perhaps if you change this:
0 root@muizenberg:/usr/lib/ sagemath/local/lib/python2.7/site-packages#grep -r SSLv23 * sagenb-0.11.1-py2.7.egg/sagenb/notebook/run_notebook.py: ssl_context = SSL.Context(SSL.SSLv23_METHOD) to ssl_context = ssl.SSLContext(ssl.PROTOCOL_TLSv1) See https://docs.python.org/2.7/library/ssl.html#ssl-security https://docs.python.org/2.7/library/ssl.html#ssl.SSLContext Note the docs are 2.7.9, and sage includes 2.7.8, which does not have OP_NO_SSLv3, which will be a better solution. Regards, Jan On 5 December 2014 at 09:40, Jori Mantysalo <[email protected]> wrote: > On Thu, 4 Dec 2014, Jan Groenewald wrote: > >> Depend on the proper version high enough of openssl and it is fixed for >> you. >> (assuming sage server side) >> On client side your browser, say, firefox34, latest chrome, it is fixed. >> >> What situation is this for? A server for Tampere university? What version >> of openssl runs on which OS? > > > We use Sage's internal http[s] server, version of Sage is 6.4. Is it > possbile to fix by upgrading some Sage internal package? > > I know that most browsers are already fixed. Anyways, FUNET (Finnish > University NETwork) security team complains about this. > >> PS. I stayed in Tampere for one night in late July. > > > Oh. Hope you got some good black saucage. > > -- > Jori Mäntysalo -- .~. /V\ Jan Groenewald /( )\ www.aims.ac.za ^^-^^ -- You received this message because you are subscribed to the Google Groups "sage-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/sage-devel. For more options, visit https://groups.google.com/d/optout.
