[Python-Dev] Status of the fix for the hash collision ulnerability (original) (raw)
Victor Stinner victor.stinner at haypocalc.com
Sun Jan 15 15:27:55 CET 2012
- Previous message: [Python-Dev] Status of the fix for the hash collision ulnerability
- Next message: [Python-Dev] Status of the fix for the hash collision ulnerability
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
I don't think that it would be hard to patch this library to use another hash function. It can implement its own hash function, use MD5, SHA1, or anything else. hash() is not stable accross Python versions and 32/64 bit systems.
Victor
2012/1/15 Hynek Schlawack <hs at ox.cx>:
Am Sonntag, 15. Januar 2012 um 05:49 schrieb Steven D'Aprano:
> I don't think anyone doubts that this will break lots of code (at least, > the arguments I've heard have been "their code is broken", not "nobody does > that").
I don't know about "lots" of code, but it will break at least one library (or so I'm told): http://mail.python.org/pipermail/python-list/2012-January/1286535.html Sadly, suds is also Python's only usable SOAP library at this moment. :( (on top of that, the development is in limbo ATM)
Python-Dev mailing list Python-Dev at python.org http://mail.python.org/mailman/listinfo/python-dev Unsubscribe: http://mail.python.org/mailman/options/python-dev/victor.stinner%40haypocalc.com
- Previous message: [Python-Dev] Status of the fix for the hash collision ulnerability
- Next message: [Python-Dev] Status of the fix for the hash collision ulnerability
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]