[eGenix.com] ANN: eGenix pyOpenSSL Distribution 0.13.5
egenix-announcements at egenix.com
egenix-announcements at egenix.com
Fri Oct 24 11:07:56 CEST 2014
eGenix.com pyOpenSSL Distribution
An easy-to-install and easy-to-use distribution
of the pyOpenSSL Python interface for OpenSSL -
available for Windows, Mac OS X and Unix platforms
This announcement is also available on our web-site for online reading:
The eGenix.com pyOpenSSL Distribution includes everything you need to
get started with SSL in Python.
It comes with an easy-to-use installer that includes the most recent
OpenSSL library versions in pre-compiled form, making your application
independent of OS provided OpenSSL libraries:
pyOpenSSL is an open-source Python add-on that allows writing SSL/TLS-
aware network applications as well as certificate management tools:
OpenSSL is an open-source implementation of the SSL/TLS protocol:
This new release of the eGenix.com pyOpenSSL Distribution updates the
included OpenSSL version to the latest OpenSSL 1.0.1h version and adds
a few more context options:
New in OpenSSL
* Updated included OpenSSL libraries from OpenSSL 1.0.1i to
1.0.1j. See https://www.openssl.org/news/secadv_20141015.txt for a
complete list of changes. The following fixes are relevant for
- CVE-2014-3567: Memory leak in OpenSSL session ticket management.
- OpenSSL has added support for TLS_FALLBACK_SCSV to allow
applications to block the ability for a MITM attacker to force a
protocol downgrade, e.g. to enable a POODLE (CVE-2014-3566)
attack by forcing a downgrade to SSLv3. This is enabled
automatically for servers.
- CVE-2014-3568: OpenSSL configured with "no-ssl3" would still
allow a complete SSL 3.0 handshake to run.
New in pyOpenSSL
* Dropped zlib support from OpenSSL builds to more easily prevent the
CRIME attack without having to use special SSL context options.
* Disabled the SSLv2 support in OpenSSL builds. SSLv2 has long been
broken and this simplifies writing secure servers/clients.
* Updated the included CA root certificate bundles to Mozilla's
* Improved cipher list in https_client.py example which prefers the
newer AES128-GCM and elliptic curve DH over over ciphers.
* Added new context flag MODE_SEND_FALLBACK_SCSV. Documented
previously undocumented MODE_RELEASE_BUFFERS and removed
non-existing MODE_NO_COMPRESSION from the documentation.
* Added web installer package to the Python Package Index (PyPI)
which simplifies installation.
* In addition to the usual ways of installing eGenix pyOpenSSL, we
have uploaded a web installer to PyPI, so that it is now also
possible to use one of these installation methods on all supported
platforms (Windows, Linux, Mac OS X):
- easy_install egenix-pyopenssl via PyPI
- pip install egenix-pyopenssl via PyPI
- egg reference in zc.buildout via PyPI
- running "python setup.py install" in the unzipped web installer
The web installer will automatically detect the platform and choose
the right binary download package for you. All downloads are
verified before installation.
* Resolved a problem with a pyOpenSSL test for certificate
extensions: OpenSSL 1.0.1i+ wants a signature algorithm to be
defined when loading PEM certificates.
* Moved eGenix additions to pyOpenSSL to a new extras/ dir in the
* In previous releases, we also added the OpenSSL version number to
the package version. Since this causes very long version numbers,
we have dropped the OpenSSL version starting with 0.13.5 and will
only increase the main version number from now on. In the future,
we plan to switch to a new version scheme that is compatible with
our normal version number scheme for products.
pyOpenSSL / OpenSSL Binaries Included
In addition to providing sources, we make binaries available that
include both pyOpenSSL and the necessary OpenSSL libraries for all
supported platforms: Windows x86 and x64, Linux x86 and x64, Mac OS X
PPC, x86 and x64.
We've also added egg-file distribution versions of our eGenix.com
pyOpenSSL Distribution for Windows, Linux and Mac OS X to the
available download options. These make setups using e.g. zc.buildout
and other egg-file based installers a lot easier.
The download archives and instructions for installing the package can
be found at:
Before installing this version of pyOpenSSL, please make sure that
you uninstall any previously installed pyOpenSSL version. Otherwise,
you could end up not using the included OpenSSL libs.
Commercial support for these packages is available from eGenix.com.
for details about our support offerings.
For more information about the eGenix pyOpenSSL Distribution, licensing
and download instructions, please visit our web-site or write to
sales at egenix.com.
Professional Python Services directly from the Source (#1, Oct 24 2014)
>>> Python Projects, Consulting and Support ... http://www.egenix.com/
>>> mxODBC.Zope/Plone.Database.Adapter ... http://zope.egenix.com/
>>> mxODBC, mxDateTime, mxTextTools ... http://python.egenix.com/
::::: Try our mxODBC.Connect Python Database Interface for free ! ::::::
eGenix.com Software, Skills and Services GmbH Pastor-Loeh-Str.48
D-40764 Langenfeld, Germany. CEO Dipl.-Math. Marc-Andre Lemburg
Registered at Amtsgericht Duesseldorf: HRB 46611
More information about the egenix-announcements