Message 267723 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	doko
Recipients	Colm Buckley, Lukasa, alex, christian.heimes, doko, dstufft, larry, lemburg, martin.panter, matejcik, ned.deily, python-dev, rhettinger, skrah, thomas-petazzoni, vstinner, ztane
Date	2016-06-07.18:51:52
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<575717BF.4030700@debian.org>
In-reply-to	<1465310860.48.0.930633154294.issue26839@psf.upfronthosting.co.za>

Content
On 07.06.2016 16:47, Christian Heimes wrote: > > Christian Heimes added the comment: > > PSRT VETO! > > In the light of the upcoming release 3.5.2 I'm now putting on my PSRT hat (Python Security Response Team) and proclaim a veto against any and all changes to os.urandom(). The security properties of os.urandom() must not be modified or reduced compared to 3.5.1. Please restore the behavior of os.urandom(). So you are intentionally accepting a new vector for DoS attacks, and calling this non-reduced security?

On 07.06.2016 16:47, Christian Heimes wrote:
> 
> Christian Heimes added the comment:
> 
> PSRT VETO!
> 
> In the light of the upcoming release 3.5.2 I'm now putting on my PSRT hat (Python Security Response Team) and proclaim a veto against any and all changes to os.urandom(). The security properties of os.urandom() must not be modified or reduced compared to 3.5.1. Please restore the behavior of os.urandom().

So you are intentionally accepting a new vector for DoS attacks, and calling
this non-reduced security?

History
Date	User	Action	Args
2016-06-07 18:51:52	doko	set	recipients: + doko, lemburg, rhettinger, vstinner, larry, christian.heimes, matejcik, ned.deily, alex, skrah, python-dev, martin.panter, ztane, dstufft, Lukasa, thomas-petazzoni, Colm Buckley
2016-06-07 18:51:52	doko	link	issue26839 messages
2016-06-07 18:51:52	doko	create