Message158203
> This issue is a security vulnerability.
I disagree, it's just an issue of a comment in the C code. The Python documentation doesn't guarantee that os.urandom() is cryptographic.
Use ssl.RAND_bytes(), added to Python 3.3, if you need cryptographic random numbers.
By the way, VMS is no more supported in Python 3.3, see the PEP 11:
Name: VMS
Unsupported in: Python 3.3
Code removed in: Python 3.4 |
|
Date |
User |
Action |
Args |
2012-04-13 09:58:31 | vstinner | set | recipients:
+ vstinner, loewis, zooko, adiroiban |
2012-04-13 09:58:31 | vstinner | set | messageid: <1334311111.61.0.0949501405666.issue9123@psf.upfronthosting.co.za> |
2012-04-13 09:58:31 | vstinner | link | issue9123 messages |
2012-04-13 09:58:30 | vstinner | create | |
|