[issue13703] Hash collision security issue
Barry A. Warsaw
report at bugs.python.org
Tue Jan 3 20:36:50 CET 2012
New submission from Barry A. Warsaw <barry at python.org>:
This is already publicly known and in deep discussion on python-dev. The proper fix is still TBD. Essentially, hash collisions can be exploited to DoS a web framework that automatically parses input forms into dictionaries.
Start here:
http://mail.python.org/pipermail/python-dev/2011-December/115116.html
----------
components: Interpreter Core
messages: 150522
nosy: barry, benjamin.peterson, georg.brandl
priority: release blocker
severity: normal
status: open
title: Hash collision security issue
type: security
versions: Python 2.6, Python 2.7, Python 3.1, Python 3.2, Python 3.3
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue13703>
_______________________________________
More information about the Python-bugs-list
mailing list