[Python-Dev] Python Remote Code Execution in socket.recvfrom_into()
Chris Angelico
rosuav at gmail.com
Tue Feb 25 14:06:01 CET 2014
On Tue, Feb 25, 2014 at 11:59 PM, Maciej Fijalkowski <fijall at gmail.com> wrote:
>> Last issues:
>> - hash DoS
>
> is this fixed?
Yes, hash randomization was added as an option in 2.7.3 or 2.7.4 or
thereabouts, and is on by default in 3.3+. You do have to set an
environment variable for 2.7 (and I think 2.6 got that too (??)), as
it can break code.
ChrisA
More information about the Python-Dev
mailing list