[Python-Dev] Python Remote Code Execution in socket.recvfrom_into()

Chris Angelico rosuav at gmail.com
Tue Feb 25 14:06:01 CET 2014

On Tue, Feb 25, 2014 at 11:59 PM, Maciej Fijalkowski <fijall at gmail.com> wrote:
>> Last issues:
>> - hash DoS
> is this fixed?

Yes, hash randomization was added as an option in 2.7.3 or 2.7.4 or
thereabouts, and is on by default in 3.3+. You do have to set an
environment variable for 2.7 (and I think 2.6 got that too (??)), as
it can break code.


More information about the Python-Dev mailing list