On Feb 25, 2014, at 03:03 PM, Maciej Fijalkowski wrote: >Oh, I thought security fixes go to all python releases.
Well, not the EOL'd ones of course. Where's the analysis on backporting SIPHash to older Python versions? Would such a backport break backward compatibility? What other impacts would backporting have? Would it break pickles, marshals, or other serialization protocols? Are there performance penalties? While security should be a top priority, it isn't the only consideration in such cases. A *lot* of discussion went into how to effect the hash randomization in Python 2.7, because of questions like these. The same analysis would have to be done for backporting this change to active older Python versions. -Barry _______________________________________________ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
