On Mon, Feb 6, 2012 at 5:45 AM, <martin at v.loewis.de> wrote: > >> I understand that but, to me, it makes no sense to send out truly broken >> releases. Besides, the hash collision attack is not exactly new either. >> Another few weeks can't make that much of a difference. > > > Why would the release be truly broken? It surely can't be worse than > the current releases (which apparently aren't truly broken, else > there would have been no point in releasing them back then). Because Apple wasn't publishing versions of gcc-llvm that miscompile Python when those releases were made. (However, that's just a clarification of what changed to break the Mac OS X builds, I don't think it's a reason to hold up the hash security fix, even if it means spinning 3.2.4 not long after PyCon to sort out the XCode build problems). Cheers, Nick. -- Nick Coghlan | ncoghlan at gmail.com | Brisbane, Australia
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4