Message324954
The pyexpat module calls XML_SetHashSalt(self->itself, (unsigned long)_Py_HashSecret.expat.hashsalt) to initialize the salt for hash randomization of the XML_Parser struct. The _elementree C accelerator doesn't call XML_SetHashSalt().
It's not a security issue with recent versions of libexpat. The library initializes the salt from a good entry source by default. |
|
Date |
User |
Action |
Args |
2018-09-10 22:47:44 | christian.heimes | set | recipients:
+ christian.heimes |
2018-09-10 22:47:44 | christian.heimes | set | messageid: <1536619664.47.0.56676864532.issue34623@psf.upfronthosting.co.za> |
2018-09-10 22:47:44 | christian.heimes | link | issue34623 messages |
2018-09-10 22:47:44 | christian.heimes | create | |
|