Message 189018 - Python tracker

➜

This issue tracker has been migrated to GitHub , and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

In-reply-to
Author	pitrou
Recipients	georg.brandl, larry, loewis, pitrou
Date	2013年05月12日.11:24:04
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1368357845.04.0.941311125595.issue17962@psf.upfronthosting.co.za>

Content
3.3 and default are currently fetching OpenSSL 1.0.1d for the Windows builds. It seems OpenSSL 1.0.1d was a kind of "brown paper bag" release, they've released 1.0.1e since (some of test_ssl can fail on 1.0.1d and succeed on 1.0.1e, as experienced on my Linux setup; the Windows buildbots also exhibit similar failures). Following is their description of the fix: "Changes between 1.0.1d and 1.0.1e [11 Feb 2013] *) Correct fix for CVE-2013-0169. The original didn't work on AES-NI supporting platforms or when small records were transferred. [Andy Polyakov, Steve Henson]"

Content

3.3 and default are currently fetching OpenSSL 1.0.1d for the Windows builds.
It seems OpenSSL 1.0.1d was a kind of "brown paper bag" release, they've released 1.0.1e since (some of test_ssl can fail on 1.0.1d and succeed on 1.0.1e, as experienced on my Linux setup; the Windows buildbots also exhibit similar failures).
Following is their description of the fix:
"Changes between 1.0.1d and 1.0.1e [11 Feb 2013]
 *) Correct fix for CVE-2013-0169. The original didn't work on AES-NI
 supporting platforms or when small records were transferred.
 [Andy Polyakov, Steve Henson]"

History
Date	User	Action	Args
2013年05月12日 11:24:05	pitrou	set	recipients: + pitrou, loewis, georg.brandl, larry
2013年05月12日 11:24:05	pitrou	set	messageid: <1368357845.04.0.941311125595.issue17962@psf.upfronthosting.co.za>
2013年05月12日 11:24:04	pitrou	link	issue17962 messages
2013年05月12日 11:24:04	pitrou	create

homepage