Dear debian-python, I am looking for a sponsor for my package "streql".
In Python, the code for testing the equality of strings is susceptible to a "timing side channel attack". The package 'streql' provides a function for comparing strings of equal length in equal time, regardless of the content of the strings. This package has already been discussed in depth on debian-security: https://lists.debian.org/debian-security/2014/10/threads.html#00060 * Package name : streql Version : 3.0.2-1 Upstream Author : Peter Scott <pe...@cueup.com> * URL : https://github.com/PeterScott/streql * License : Apache 2.0 Section : python It builds those binary packages: python-streql - Constant-time string comparison (Python 2) python3-streql - Constant-time string comparison (Python 3) pypy-streql - Constant-time string comparison (PyPy) To access further information about this package, please visit the following URL: http://mentors.debian.net/package/streql Alternatively, one can download the package with dget using this command: dget -x http://mentors.debian.net/debian/pool/main/s/streql/streql_3.0.2-1.dsc Changes since last upload: * Initial release (Closes: #764443) Regards, Riley Baird -- To UNSUBSCRIBE, email to debian-python-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/545d2b00.1080...@bitmessage.ch
