On Mon, Feb 6, 2012 at 5:45 AM, <mar...@v.loewis.de> wrote: > >> I understand that but, to me, it makes no sense to send out truly broken >> releases. Besides, the hash collision attack is not exactly new either. >> Another few weeks can't make that much of a difference. > > > Why would the release be truly broken? It surely can't be worse than > the current releases (which apparently aren't truly broken, else > there would have been no point in releasing them back then).
Because Apple wasn't publishing versions of gcc-llvm that miscompile Python when those releases were made. (However, that's just a clarification of what changed to break the Mac OS X builds, I don't think it's a reason to hold up the hash security fix, even if it means spinning 3.2.4 not long after PyCon to sort out the XCode build problems). Cheers, Nick. -- Nick Coghlan | ncogh...@gmail.com | Brisbane, Australia _______________________________________________ Python-Dev mailing list Python-Dev@python.org http://mail.python.org/mailman/listinfo/python-dev Unsubscribe: http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com