Path: csiph.com!usenet.pasdenom.info!news.redatomik.org!newsfeed.xs4all.nl!newsfeed2a.news.xs4all.nl!xs4all!newsgate.cistron.nl!newsgate.news.xs4all.nl!post.news.xs4all.nl!not-for-mail Return-Path: X-Original-To: python-list@python.org Delivered-To: python-list@mail.python.org X-Spam-Status: OK 0.000 X-Spam-Evidence: '*H*': 1.00; '*S*': 0.00; 'python,': 0.02; 'true,': 0.04; 'subject:Python': 0.05; 'cpython': 0.05; 'source.': 0.05; 'affected': 0.07; 'tarball': 0.09; 'cc:addr:python-list': 0.10; 'python': 0.11; 'assume': 0.11; 'question.': 0.13; 'properly': 0.15; '3.2,': 0.16; 'from:addr:rosuav': 0.16; 'from:name:chris angelico': 0.16; 'interest,': 0.16; 'numbered': 0.16; 'openssl': 0.16; 'personally,': 0.16; 'subject:Query': 0.16; 'url:openssl': 0.16; 'version?': 0.16; 'wrote:': 0.16; 'version.': 0.18; 'cc:2**0': 0.21; 'cc:addr:python.org': 0.21; 'bug?': 0.22; 'questions:': 0.22; 'users,': 0.22; '2015': 0.23; 'header:In- Reply-To:1': 0.24; 'mon,': 0.24; 'second': 0.24; 'message- id:@mail.gmail.com': 0.28; "i'm": 0.29; 'version,': 0.31; 'source': 0.31; "can't": 0.32; 'probably': 0.32; 'compiled': 0.32; 'received:google.com': 0.34; 'could': 0.35; 'newer': 0.35; 'but': 0.36; 'url:org': 0.36; 'there': 0.36; 'quite': 0.37; 'subject:: ': 0.37; 'building': 0.38; 'mean': 0.38; 'pm,': 0.39; 'why': 0.40; 'your': 0.60; 'more': 0.62; 'latest': 0.64; 'url:pdf': 0.64; 'different': 0.64; 'hoping': 0.73; 'chrisa': 0.84; 'recompile': 0.84; 'to:none': 0.90 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:cc :content-type; bh=S2oIN6PGHBpOe2OYH5tbIK9cTvr1E4kI0gPl6Bgcdhg=; b=F4IItOY2zwj4Cgvo7IY2HNNikOg8gYsV3KdPLD5rHeCeHK+eiSWOek8i2dv0fkhvx1 7rXtKcJweiBXs0LYSaNnx0uHQAc88mOBgreMHnrtyaHX8VrnFqZ8ZY1EDvw2RSB9/Ks7 JdQ2YvaT9rj/QgQ3WBwy4Y5jsKJ5BLaLc7ytZU4g5FLqKYBlnNJAXbEqsfaAWcv27N15 9AW/KRY4RRLNdF+bQIcnUuTb+YFLg/tB/fZ6e3O/g/0HMSw0fbQTbOHGTEqmkLCpwHLh /Kelu0v31OkYGkiDDeOWsDDzb6+yN6ZLng2OX8yvWx0BeAZX9wHzPkO2COujL0XN3WZB lHMQ== MIME-Version: 1.0 X-Received: by 10.107.16.149 with SMTP id 21mr20873595ioq.53.1432552564733; Mon, 25 May 2015 04:16:04 -0700 (PDT) In-Reply-To: <867F5C4940403B47B2474432369BAF790FFBD992@ESESSMB309.ericsson.se> References: <867F5C4940403B47B2474432369BAF790FFBD992@ESESSMB309.ericsson.se> Date: Mon, 25 May 2015 21:16:04 +1000 Subject: Re: Query on Python 3.2 and supported OpenSSL Versions From: Chris Angelico Cc: "python-list@python.org" Content-Type: text/plain; charset=UTF-8 X-BeenThere: python-list@python.org X-Mailman-Version: 2.1.20+ Precedence: list List-Id: General discussion list for the Python programming language List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Newsgroups: comp.lang.python Message-ID: Lines: 25 NNTP-Posting-Host: 2001:888:2000:d::a6 X-Trace: 1432552567 news.xs4all.nl 2871 [2001:888:2000:d::a6]:51720 X-Complaints-To: abuse@xs4all.nl Xref: csiph.com comp.lang.python:91200 On Mon, May 25, 2015 at 7:33 PM, Donal Duane wrote: > > Hi Python Users, > > I was hoping you might be able to assist me with a query: > > 2 Questions: > > 1. Could Python 3.2, when compiled against OpenSSL 1.0.0j, be affected by the poodle bug? https://www.openssl.org/~bodo/ssl-poodle.pdf > Just out of interest, is there a reason you can't use a newer Python version? Since you talk about compiling Python, I assume you mean CPython; and given that you're considering using a different OpenSSL, you're quite probably already planning to compile from source. If that's true, I would recommend building the latest - either a source tarball of CPython 3.4, or the very latest beta of 3.5; personally, I'm quite happy with the beta, but you might prefer to use a properly released and numbered version. If you can't recompile [C]Python, can you explain more about what you're planning to do to change OpenSSL version, and why it needs to be 3.2? That might help with the second part of your question. ChrisA