Why Does 3rd/Python39/Lib/site-packages/psycopg2/_psycopg.cp39-win_amd64.pyd Have the CVE-2021-3711 CVE-2021-23840 CVE-2021-3450 CVE-2021-3712 CVE-2021-23841 CVE-2021-3449 CVE-2021-4160 Vulnerability? I Use Python 3.9.2? Where Is OpenSSL Used?

[zjmxq]

BPO	46795
Nosy	@zware

^{Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.}

Show more details

GitHub fields:

assignee = None
closed_at = <Date 2022-02-19.15:09:28.460>
created_at = <Date 2022-02-19.06:59:26.670>
labels = ['type-security', 'library', '3.9']
title = 'Why Does 3rd/Python39/Lib/site-packages/psycopg2/_psycopg.cp39-win_amd64.pyd Have the CVE-2021-3711 CVE-2021-23840 CVE-2021-3450 CVE-2021-3712 CVE-2021-23841 CVE-2021-3449 CVE-2021-4160 Vulnerability? I Use Python 3.9.2? Where Is OpenSSL Used?'
updated_at = <Date 2022-02-19.15:09:28.458>
user = 'https://bugs.python.org/zjmxq'

bugs.python.org fields:

activity = <Date 2022-02-19.15:09:28.458>
actor = 'zach.ware'
assignee = 'none'
closed = True
closed_date = <Date 2022-02-19.15:09:28.460>
closer = 'zach.ware'
components = ['Library (Lib)']
creation = <Date 2022-02-19.06:59:26.670>
creator = 'zjmxq'
dependencies = []
files = []
hgrepos = []
issue_num = 46795
keywords = []
message_count = 1.0
messages = ['413552']
nosy_count = 2.0
nosy_names = ['zach.ware', 'zjmxq']
pr_nums = []
priority = 'normal'
resolution = 'third party'
stage = 'resolved'
status = 'closed'
superseder = None
type = 'security'
url = 'https://bugs.python.org/issue46795'
versions = ['Python 3.9']

[zware]

Psycopg2 is a third-party package; questions about it should be directed to the Users category of discuss.python.org, the python-list mailing list, or a forum specific to psycopg2.

Also, note that Python 3.9.2 is well out of date; you should update to 3.9.10 or 3.10.2. On Windows, OpenSSL is included with Python, and is most easily updated by updating Python.

And lastly, please use the comment field rather than cramming your comments into the title field.