On 2015-07-09 15:29, Christian Heimes wrote:
> Hi,
>
> this just came in. According to Zachary all Windows builds use 1.0.2c.
> The version is vulnerable to a critical bug in the CA validation code of
> OpenSSL. The bug can be abused to turn any valid server certificate into
> a CA cert.
>
> We s
Hi,
this just came in. According to Zachary all Windows builds use 1.0.2c.
The version is vulnerable to a critical bug in the CA validation code of
OpenSSL. The bug can be abused to turn any valid server certificate into
a CA cert.
We should consider a security release of Python ASAP.
Alternat
