This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author loewis
Recipients barry, benjamin.peterson, carljm, georg.brandl, jaraco, loewis
Date 2012-03-29.19:12:01
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1333048322.84.0.667062872546.issue14444@psf.upfronthosting.co.za>
In-reply-to
Content
I'm not so sure that it is desirable to make it compatible. It is ultimately virtualenv's "fault" to use the 2.7.3 library with a 2.7.2 binary. If we get this to "work", people will still not gain the hash randomization. IOW, they get the library update, but not the interpreter update fixing the security issue. They will then find that if they create a new virtualenv, their code may suddenly break because of the hash randomization.

Ideally, virtualenv would have arranged to incorporate an upgrade to the executable automatically. Given that it doesn't, the failure mode sounds ok to me.
History
Date User Action Args
2012-03-29 19:12:02loewissetrecipients: + loewis, barry, georg.brandl, jaraco, benjamin.peterson, carljm
2012-03-29 19:12:02loewissetmessageid: <1333048322.84.0.667062872546.issue14444@psf.upfronthosting.co.za>
2012-03-29 19:12:02loewislinkissue14444 messages
2012-03-29 19:12:01loewiscreate