Hi,
Yes, this was caused by the 1.7.1 roll out. What's happening is that you're
specifying the pycrypto version in your app.yaml as 'latest' instead of a
specific version. In 1.7.1, we added pycrypto 2.6 to the python27 runtime
and which is what all applications that specify 'latest' are now using. The
error message is a bit misleading. Your code will continue to work as-is,
so there is nothing you have to change. Also, you should only see this
message on the first request to an instance.
We will look into fixing this issue.
On Thursday, 23 August 2012 08:30:48 UTC+10, Richie Foreman wrote:
>
> +1 I am also seeing this in my environment as well.
>
>
>
> On Tuesday, 21 August 2012 10:05:54 UTC-7, c h wrote:
> > using python27 this started showing in my error logs today:
> >
> >
> > 2012-08-21
> 08:22:06.683/base/python27_runtime/python27_lib/versions/third_party/pycrypto-2.6/Crypto/Util/number.py:57:
>
> PowmInsecureWarning: Not using mpz_powm_sec. You should rebuild using
> libgmp >= 5 to avoid timing attack vulnerability.E2012-08-21 08:22:06.683
> _warn("Not using mpz_powm_sec. You should rebuild using libgmp >= 5 to
> avoid timing attack vulnerability.", PowmInsecureWarning)
> >
> >
> > i have not changed app versions in about a week. was this caused by a
> system upgrade? the error message makes me think it's something that
> should be fixed?
> >
> >
> > thanks,
> >
> >
> > christian
>
--
You received this message because you are subscribed to the Google Groups
"Google App Engine" group.
To view this discussion on the web visit
https://groups.google.com/d/msg/google-appengine/-/xUQkkrOVwJMJ.
To post to this group, send email to google-appengine@googlegroups.com.
To unsubscribe from this group, send email to
google-appengine+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/google-appengine?hl=en.
