On 09/01/2016 Kay Schenk wrote:
On 09/01/2016 11:17 AM, Pedro Giffuni wrote:
Hello;
The python we are carrying for AOO 4.2.0 (2.7.8) has many security
vulnerabilities which may or may not have an effect on AOO.
In order to make future updates and particularly for Python 2.7.9, in
fact, we also needed to update OpenSSL, so now that Don updated
OpenSSL the basic update became possible. I tested the update
on FreeBSD but I had to hack for Windows buildfiles and this requires
testing.
People that regularly build windows please try this patch:
http://people.apache.org/~pfg/patches/python-update.diff
If there is no feedback I could try committing the change and keep an
eye on the buildbots, although this is certainly not too elegant.
The issue is if we can get a newer version of Python from a reputable
repo for CentOS 5.11 for i386 and x86_64 which will be our build
environment for *nix systems.
So, we need to investigate this first. I'm using python 2.7.10 on CentOS
6.8 but I don't remember where I got it. :/
Hmm ...
I don't think I understand very well what you are meaning here:
If you are using a pre-packaged python to build AOO, then the AOO
embedded python version is of no concern. If you are building the
internal python in AOO then it's in your best interest to have
something at least as up to date as the one that regularly comes
with your OS.
I don't really care very much about the python version used in BSD/Linux
/MacOS as it is likely users in those systems will have an up-to-date
python version. Windows, on the other hand, depends on the specific
python we are delivering.
Pedro.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@openoffice.apache.org
For additional commands, e-mail: dev-h...@openoffice.apache.org
