Home page logo
/

oss-sec logo oss-sec mailing list archives

Re: CVE request: crypt_blowfish 8-bit character mishandling
From: Solar Designer <solar () openwall com>
Date: Sun, 17 Jul 2011 17:48:21 +0400

On Thu, Jul 14, 2011 at 04:37:36PM +0200, Ludwig Nussel wrote:
Solar Designer wrote:
I am tempted to just release the current code as 1.2 now.  We won't
arrive at a perfect solution anyway, because it doesn't exist.  And we
need to let other projects upgrade to better/safer code (dealing with
one-correct to many-buggy collisions) sooner rather than later.

Indeed.

I've just released crypt_blowfish 1.2:

http://www.openwall.com/crypt/

All projects using crypt_blowfish should upgrade to this newer code.

Alexander


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault