Path: csiph.com!x330-a1.tempe.blueboxinc.net!usenet.pasdenom.info!aioe.org!news.stack.nl!newsfeed.xs4all.nl!newsfeed5.news.xs4all.nl!xs4all!newsgate.cistron.nl!newsgate.news.xs4all.nl!post.news.xs4all.nl!not-for-mail
Return-Path: <python-python-list@m.gmane.org>
X-Original-To: python-list@python.org
Delivered-To: python-list@mail.python.org
X-Spam-Status: OK 0.010
X-Spam-Evidence: '*H*': 0.98; '*S*': 0.00; 'method,': 0.07; 'received:80.91': 0.09; 'received:80.91.229': 0.09; 'received:80.91.229.12': 0.09; 'received:gmane.org': 0.09; 'received:list': 0.09; 'received:lo.gmane.org': 0.09; 'stability.': 0.16; 'header:In-Reply-To:1': 0.22; 'cache': 0.24; 'code': 0.25; 'fix': 0.27; 'problem': 0.29; 'hash': 0.30; "didn't": 0.30; "i've": 0.31; 'header:User-Agent:1': 0.33; 'to:addr:python-list': 0.33; 'all.': 0.34; 'header:X-Complaints- To:1': 0.34; 'however,': 0.35; 'received:org': 0.37; 'received:de': 0.39; 'received:78': 0.39; 'subject:: ': 0.39; 'change': 0.40; 'to:addr:python.org': 0.40; 'quick': 0.60; 'news': 0.73
X-Injected-Via-Gmane: http://gmane.org/
To: python-list@python.org
From: Christian Heimes <lists@cheimes.de>
Subject: Re: Hash stability
Date: Mon, 16 Jan 2012 09:44:05 +0100
References: <4f1107b7$0$29988$c3e8da3$5496439d@news.astraweb.com> <jeritr$4sb$1@dough.gmane.org> <4F1205A7.70303@modelnine.org> <jeu8t4$2kc$1@dough.gmane.org> <4F12BC8A.9040205@modelnine.org> <jeugdp$e1b$1@dough.gmane.org> <4F12F9D8.5080904@modelnine.org> <jf0mgu$8ue$1@dough.gmane.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
X-Gmane-NNTP-Posting-Host: f049105166.adsl.alicedsl.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:9.0) Gecko/20111229 Thunderbird/9.0
In-Reply-To: <jf0mgu$8ue$1@dough.gmane.org>
X-BeenThere: python-list@python.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: General discussion list for the Python programming language <python-list.python.org>
List-Unsubscribe: <http://mail.python.org/mailman/options/python-list>, <mailto:python-list-request@python.org?subject=unsubscribe>
List-Archive: <http://mail.python.org/pipermail/python-list>
List-Post: <mailto:python-list@python.org>
List-Help: <mailto:python-list-request@python.org?subject=help>
List-Subscribe: <http://mail.python.org/mailman/listinfo/python-list>, <mailto:python-list-request@python.org?subject=subscribe>
Newsgroups: comp.lang.python
Message-ID: <mailman.4788.1326703463.27778.python-list@python.org>
Lines: 12
NNTP-Posting-Host: 2001:888:2000:d::a6
X-Trace: 1326703463 news.xs4all.nl 6971 [2001:888:2000:d::a6]:43041
X-Complaints-To: abuse@xs4all.nl
Xref: x330-a1.tempe.blueboxinc.net comp.lang.python:19034

Am 16.01.2012 09:18, schrieb Peter Otten:
> I've taken a quick look into the suds source; the good news is that you have 
> to change a single method, reader.Reader.mangle(), to fix the problem with 
> hash stability. 
> 
> However, I didn't see any code to deal with hash collisions at all.

It smells like suds is vulnerable to cache poisoning.