Home - News ( United States | United Kingdom | Italy | Germany ) - Football scores

Showing content from https://mail.python.org/pipermail/python-dev/2012-January/115314.html below:

[Python-Dev] Hash collision security issue (now public)

• Previous message: [Python-Dev] Hash collision security issue (now public)
• Next message: [Python-Dev] Hash collision security issue (now public)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Tres Seaver wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> On 01/05/2012 02:14 PM, Glenn Linderman wrote:
>> 1) the security problem is not in CPython, but rather in web servers 
>> that use dict inappropriately.
> 
> Most webapp vulnerabilities are due to their use of Python's cgi module,
> which it uses a dict to hold the form / query string data being supplied
> by untrusted external users.

And Glenn suggested further down that an appropriate course of action 
would be to fix the cgi module (and others) instead of messing with dict.

~Ethan~

• Previous message: [Python-Dev] Hash collision security issue (now public)
• Next message: [Python-Dev] Hash collision security issue (now public)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

RetroSearch is an open source project built by @garambo | Open a GitHub Issue

Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo

HTML: 3.2 | Encoding: UTF-8 | Version: 0.7.4