This was discussed on this list and it is my understanding it has been fixed at the Pyhton level: http://www.h-online.com/security/news/item/Python-updates-for-hash-collision-DoS-problems-Update-1519585.html
On Friday, 16 November 2012 05:34:26 UTC-6, Ralo Tannahill wrote: > > Hash-flooding DoS attack reported for the Hash function (Ruby) > http://www.ruby-lang.org/en/news/2012/11/09/ruby19-hashdos-cve-2012-5371 > > Just for information, not a Dos for web2py. > In web2py can we limit the size of the parsed data? just in case there was > a DoS like this one > > Kind regards > > > --