Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.lang.python > #70685 > unrolled thread

Heartbleed and the windows distributions on python.org

Back to article view | Back to comp.lang.python

Contents

  Heartbleed and the windows distributions on python.org Timothy McDonald <tmcdon4ld@gmail.com> - 2014-04-28 09:32 -0700
    Re: Heartbleed and the windows distributions on python.org Ned Deily <nad@acm.org> - 2014-04-28 12:15 -0700

#70685 — Heartbleed and the windows distributions on python.org

I am building a cherrypy app that is testing as vulnerable to the heartbleed exploit. The app is running on the 64 bit 3.3.5 Windows distribution of python. An updated version of 64 bit Python 3.3.x for Windows or an updated pyopenssl? I am kind of surprised the distribution on python.org hasen't been updated.

Here is the thread on the issue from the cherrypy-users group.

[toc] | [next] | [standalone]

#70691

In article <d576956a-5bcc-4508-bac1-87e954b7e3ec@googlegroups.com>,
 Timothy McDonald <tmcdon4ld@gmail.com> wrote:
> I am building a cherrypy app that is testing as vulnerable to the heartbleed 
> exploit. The app is running on the 64 bit 3.3.5 Windows distribution of 
> python. An updated version of 64 bit Python 3.3.x for Windows or an updated 
> pyopenssl? I am kind of surprised the distribution on python.org hasen't been 
> updated.

The current release of Python 3 is 3.4.0.  A 3.4.1 maintenance release, 
with OpenSSL updated in the Windows installer, is planned for final 
release in mid-May.  Python 3.3.x is now in security-fix-only mode which 
means only source fixes for security problems are released as needed and 
no further binary installers for Windows or OS X are produced.  (The 
Python 2 Windows installer is not affected since it bundles an older, 
pre-heartbleed version of OpenSSL.)

-- 
 Ned Deily,
 nad@acm.org

[toc] | [prev] | [standalone]

Back to top | Article view | comp.lang.python

csiph-web