Hi Amber, Are you aware of anyone trying to use Twisted with PyOpenSSL/LibreSSL ? Just curious.
Cheers, -E On Tue, Feb 9, 2016 at 12:56 AM, Amber "Hawkie" Brown < hawk...@atleastfornow.net> wrote: > Hi everyone, > > There's a known issue with Twisted + PyOpenSSL>=0.13 using OpenSSL version > 1.0.2f. Please note, this only potentially affects you if: > > - You use Windows or OS X -- Cryptography 1.2.2's wheels have a bundled > 1.0.2f. > OR > - You use a Linux or FreeBSD distribution which has OpenSSL 1.0.2f. If you > are using a released distribution of Ubuntu or Debian, you most likely have > a *patched* (so, still secure) past version (like Ubuntu 15.10, which has a > patched 1.0.2d). If you are using Fedora 23, you may have 1.0.2f. You can > check by running "openssl version". > > There is also an unrelated issue with CFFI that causes Cryptography 1.2 > wheels for Windows/OS X to cause CPython to crash on interpreter shutdown. > > The current highest working Cryptography version that causes a test suite > pass is 1.2.2 on Linux with OpenSSL versions other than 1.0.2f, 1.1.2 on > Windows & OS X without an unreleased CFFI patch, and 1.2.1 once the CFFI > patch is released. Our Windows and OS X builders have their Cryptography > dependencies pinned to 1.1.2 until these problems are solved. > > Please note, this doesn't mean your applications may or may not work in > practice with OpenSSL 1.0.2f! It just means the test suite does not pass, > so we can't be absolutely sure that 1.0.2f will not cause problems for you. > The latest patched versions of OpenSSL are strongly recommended from a > security standpoint. > > The relevant issues are: > > - Make tests pass on 1.0.2f (Twisted, > https://twistedmatrix.com/trac/ticket/8189) > - Crash during interpreter shutdown when using static callbacks (CFFI, > https://bitbucket.org/cffi/cffi/issues/246/crash-during-interpreter-shutdown-when > ) > > Regards, > > Amber Brown > Twisted Release Manager > > _______________________________________________ > Twisted-web mailing list > Twisted-web@twistedmatrix.com > http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-web > >
_______________________________________________ Twisted-web mailing list Twisted-web@twistedmatrix.com http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-web
