Message157087
I'm not so sure that it is desirable to make it compatible. It is ultimately virtualenv's "fault" to use the 2.7.3 library with a 2.7.2 binary. If we get this to "work", people will still not gain the hash randomization. IOW, they get the library update, but not the interpreter update fixing the security issue. They will then find that if they create a new virtualenv, their code may suddenly break because of the hash randomization.
Ideally, virtualenv would have arranged to incorporate an upgrade to the executable automatically. Given that it doesn't, the failure mode sounds ok to me. |
|
Date |
User |
Action |
Args |
2012-03-29 19:12:02 | loewis | set | recipients:
+ loewis, barry, georg.brandl, jaraco, benjamin.peterson, carljm |
2012-03-29 19:12:02 | loewis | set | messageid: <1333048322.84.0.667062872546.issue14444@psf.upfronthosting.co.za> |
2012-03-29 19:12:02 | loewis | link | issue14444 messages |
2012-03-29 19:12:01 | loewis | create | |
|