Hi guys, > This should be applied to master first, and then backported to any stable > branches. Can you re-send in a form that applies to master? > > Ross
Python has fixed this issue in version 3.5. and backported to 2.7: See the patch here: https://hg.python.org/cpython/rev/f762cbb712de But this patch doesn’t apply, I have downloaded the latest 2.7.8, it is the Same problem there. I have sent email to the guy responsible to this patch but haven't heard from him yet. The commit message also say that " The backport currently doesn't achieve anything since the function isn't used (yet)": ======================================================= changeset 93549:f762cbb712de 2.7 Backport disabling of SSLv3 in ssl._create_stdlib_context() (issue #22638). The backport currently doesn't achieve anything since the function isn't used (yet). [#22638] ======================================================= So this is the reason why I have applied the Debian patch. They disable SSLv3 in python this way because they have disabled SSLv3 in OpenSSL in their Jessie. So if we take Debian's patch we need to define "OPENSSL_NO_SSL3” in the OpenSSL as well. Are you ok with this? (the same way that "OPENSSL_NO_SSL2" is defined in OpenSSL). ssl/ssl.h #if (defined(OPENSSL_NO_RSA) || defined(OPENSSL_NO_MD5)) && !defined(OPENSSL_NO_SSL2) #define OPENSSL_NO_SSL2 #endif Cheers Sona -- _______________________________________________ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core