[prev in list] [next in list] [prev in thread] [next in thread]
List: openembedded-core
Subject: [OE-core] [PATCH v2 0/1] Python: Upgrade from 2.7.3 to 2.7.9
From: ross.burton () intel ! com (Burton, Ross)
Date: 2015-02-27 16:07:20
Message-ID: CAJTo0LbPVzhW9C7e3-2J45Yc5HiTEsby=c95PuaCRhF+bV01tQ () mail ! gmail ! com
[Download RAW message or body]
On 27 February 2015 at 13:47, Peter Urbanec <openembedded-devel at urbanec.net>
wrote:
> I think it may be a good idea to keep python 2.7.3 packages in oe-core
> because a move from 2.7.3 to 2.7.9 is likely to break some systems. At
> least in terms of item 1, we have a large potential for breakage, since the
> SSL cert checking will break anything that uses self-signed SSL certs for
> HTTPS without deploying the correct CA to the client systems. As far as I
> can tell, there is no system wide override for this behaviour.
IIRC the general argument is if that if you're assuming a self-signed
certification is valid, you've lost so much security. We're in the middle
of a development cycle so this will only impact people using or moving to
1.8.
I've just verified that python-imaging works for me (and works on the
autobuilders), so if you can replicate the failure on demand that filing a
bug would be useful.
Ross
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openembedded.org/pipermail/openembedded-core/attachments/20150227/6154b053/attachment.html>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic