New submission from Barry A. Warsaw <ba...@python.org>: This is already publicly known and in deep discussion on python-dev. The proper fix is still TBD. Essentially, hash collisions can be exploited to DoS a web framework that automatically parses input forms into dictionaries.
Start here: http://mail.python.org/pipermail/python-dev/2011-December/115116.html ---------- components: Interpreter Core messages: 150522 nosy: barry, benjamin.peterson, georg.brandl priority: release blocker severity: normal status: open title: Hash collision security issue type: security versions: Python 2.6, Python 2.7, Python 3.1, Python 3.2, Python 3.3 _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue13703> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com