[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

streql - Constant-time string comparison

Dear debian-security,

I am looking for a sponsor for my package "streql".

In Python, the code for testing the equality of strings is susceptible
to a "timing side channel attack". The package 'streql' provides a
function for comparing strings of equal length in equal time, regardless
of the content of the strings.

* Package name    : streql
  Version         : 3.0.2-1
  Upstream Author : Peter Scott <peter@cueup.com>
* URL             : https://github.com/PeterScott/streql
* License         : Apache 2.0
  Section         : python

It builds those binary packages:

python-streql - Constant-time string comparison (Python 2)
python3-streql - Constant-time string comparison (Python 3)
pypy-streql - Constant-time string comparison (PyPy)

To access further information about this package, please visit the following


Alternatively, one can download the package with dget using this command:

dget -x

Changes since last upload:

* Initial release (Closes: #764443)

Riley Baird

Reply to: