-
-
Notifications
You must be signed in to change notification settings - Fork 232
Description
I saw this go by on the Debian OpenSSL packagers list (https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1110254#10).
According to python/cpython#136881, there is a change in the OpenSSL point releases from July 1, including 3.0.17 LTS, that breaks a test case on Python 3.12. There's a fix in Python 3.13, but it will not be backported to older versions. It sounds like you can either locally revert the change in OpenSSL, or locally backport the change to Python.
I haven't looked at what the bug actually is and how much it matters, but we're in a position to apply patches to both OpenSSL and Python as needed, so it's probably good for us to not ship this bug. We're currently on 3.0.16, but we ought to upgrade to the latest point release (or to 3.5.x LTS, perhaps).
I also haven't looked at whether it has been reported as a regression to the OpenSSL team and might be fixed in a later OpenSSL point release, and whether it's present in versions of Python older than 3.12.