Summary: | <dev-lang/python-3.4.0: hash secret can be recovered remotely | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED WONTFIX | ||
Severity: | normal | CC: | python |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://bugzilla.redhat.com/show_bug.cgi?id=1039915 | ||
Whiteboard: | A4 [noglsa/cve] | ||
Package list: | Runtime testing required: | --- |
Description
Agostino Sarubbo
2013-12-12 10:50:33 UTC
It's good to have this captured in a bug, but just FTR we will not clean up 2.7 (and probably not 3.3, either) just because of this bug. Doing speedy stabilization of 3.4 would be neat, but experience leads me to believe that that would also be a pretty unrealistic goal. Upstream tagged this as wontfix for versions older than 3.4 (the latter implemented PEP 456 to address this issue). FOllowing upstream |