Am 13.04.14 21:41, schrieb Steve Dower:
> I'm willing to embark on migrating the entire installer to WiX, which
> doesn't directly fix any particular issue, but could significantly
> reduce the overhead of building and maintaining the Windows installers.
I somewhat doubt that it could reduce the o
_
From: Martin v. Löwis<mailto:mar...@v.loewis.de>
Sent: 4/13/2014 14:51
To: Paul Moore<mailto:p.f.mo...@gmail.com>; Python
Dev<mailto:python-dev@python.org>
Subject: Re: [Python-Dev] Windows installers and OpenSSL
Am 10.04.14 15:41, schrieb Paul Moore:
> Given the OpenSSL
Am 10.04.14 15:41, schrieb Paul Moore:
> Given the OpenSSL vulnerability and the fact that we bundle OpenSSL
> with the Windows installers (1.0.1e in Python 3.4.0) should we be
> releasing updated installers?
As others have said: certainly, and only for 3.4.0 (i.e. 2.7 in
particular is not affecte
On 11.04.2014 03:15, Nick Coghlan wrote:
> On 10 Apr 2014 18:55, "Benjamin Peterson" wrote:
>>
>> On Thu, Apr 10, 2014, at 14:50, Gregory P. Smith wrote:
>>> Yep. All binary Python distributions that bundle SSL support need
>>> updating.
>>> But... what MRAB said.
>>>
>>> We also *likely* have SSL
On 10 Apr 2014 18:55, "Benjamin Peterson" wrote:
>
> On Thu, Apr 10, 2014, at 14:50, Gregory P. Smith wrote:
> > Yep. All binary Python distributions that bundle SSL support need
> > updating.
> > But... what MRAB said.
> >
> > We also *likely* have SSL certificates and SSH host keys on
> > python
On Thu, Apr 10, 2014, at 14:50, Gregory P. Smith wrote:
> Yep. All binary Python distributions that bundle SSL support need
> updating.
> But... what MRAB said.
>
> We also *likely* have SSL certificates and SSH host keys on
> python.orginfrastructure that need to be revoked and new certs
> reissu
Yep. All binary Python distributions that bundle SSL support need updating.
But... what MRAB said.
We also *likely* have SSL certificates and SSH host keys on
python.orginfrastructure that need to be revoked and new certs
reissued
*after* all of those machines have been patched and their services
On 2014-04-10 14:41, Paul Moore wrote:
Given the OpenSSL vulnerability and the fact that we bundle OpenSSL
with the Windows installers (1.0.1e in Python 3.4.0) should we be
releasing updated installers?
I'd say yes, but, then, I wouldn't be doing any of the work...
_
Given the OpenSSL vulnerability and the fact that we bundle OpenSSL
with the Windows installers (1.0.1e in Python 3.4.0) should we be
releasing updated installers?
Paul
___
Python-Dev mailing list
Python-Dev@python.org
https://mail.python.org/mailman/lis
