IMPORTANT: The work-around chosen by the OpenSSL team is to disable SSL session renegotiations altogether. This can cause applications relying on this feature on the client or server side to fail. You can still download the previous version of our pyOpenSSL distribution if you run into such problems.
Upgraded the included pyOpenSSL library to version 0.9, which includes a new fix for the threading problems of version 0.8 and several new features.
Upgraded the included OpenSSL libraries to version 0.9.8k, which includes a number of important bug fixes related to SSL.
Changes from 0.8.1_0.9.8j_1 to 0.8.1_0.9.8j_2:
Added support for Mac OS X and pre-built archives for this platform.
Changes from 0.8.0_0.9.8j_1 to 0.8.1_0.9.8j_1:
a serious problem with pyOpenSSL 0.8.0 and multi-threaded applications:
the new threading fixes cause invalid thread states in the Python
interpreter which resulted in random core dumps and seg faults. The patch was provided by Maxim Sobolev on SourceForge. Note that this patch has not yet been integrated into upstream pyOpenSSL.
pre-built archives for Windows upon request from the Plone people: this
makes it easier to integrate the archives into buildout scripts.
Changes from 0.8.0_0.9.8i_1 to 0.8.0_0.9.8j_1:
Upgraded the included OpenSSL libs to version 0.9.8j, which fixes a vulnerability found in earlier OpenSSL releases of the 0.9.8 branch: CVE-2008-5077.
Enabled zlib compression support
in OpenSSL for both the Linux and Windows builds, so OpenSSL
client/servers can now negotiate on-the-fly zlib compression for SSL