This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author carljm
Recipients barry, benjamin.peterson, carljm, dmalcolm, eric.snow, georg.brandl, jaraco, loewis
Date 2012-03-29.21:53:26
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1333058007.81.0.890763827738.issue14444@psf.upfronthosting.co.za>
In-reply-to
Content
I'd been thinking the "escape the security fix" argument didn't apply, because the security fix requires opt-in anyway and the -R flag would fail immediately on a non-updated virtualenv.

But there is also the environment variable. It is quite possible that someone could update their system Python, set PYTHONHASHSEED and think they are protected from the hash collision vulnerability, but not be because they are running in a virtualenv. That is a strong argument for letting this break and forcing the update.
History
Date User Action Args
2012-03-29 21:53:27carljmsetrecipients: + carljm, loewis, barry, georg.brandl, jaraco, benjamin.peterson, dmalcolm, eric.snow
2012-03-29 21:53:27carljmsetmessageid: <1333058007.81.0.890763827738.issue14444@psf.upfronthosting.co.za>
2012-03-29 21:53:26carljmlinkissue14444 messages
2012-03-29 21:53:26carljmcreate