Comment 17 for bug 954595
Revision history for this message
| Barry Warsaw (barry) wrote Re: [Bug 954595] Re: ImportError: cannot import name urandom from os | #17 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
67d34a1
(Get the code!)
On Apr 27, 2012, at 07:02 PM, Scott Kitterman wrote:
>OK. I added a task on ubuntu-
>something up?
Python 2.7.3 includes a fix for a security vulnerability affecting Python's
dict and set implementations. Carefully crafted, untrusted input could lead
to extremely long computation times and denials of service. Although disabled
by default, vulnerable applications such as CGI scripts can explicitly enable
"hash randomization" to prevent this exploit. Due to implementation details
of this fix, virtualenvs created with older 2.7.x releases may not work with
2.7.3. Specifically, the os module may not appear to have a urandom function.
This problem can be solved by recreating the broken virtualenvs with the newer
Python 2.7.3 version.
See http://