oss-sec mailing list archives

Re: CVE-2026-9641: Crypt::PBKDF2 versions before 0.261630 for Perl have a weak default algorithm and number of iterations


From: Peter Gutmann <pgut001 () cs auckland ac nz>
Date: Sat, 13 Jun 2026 01:37:19 +0000

Robert Rothenberg <rrwo () cpansec org> writes:

Crypt::PBKDF2 versions before 0.261630 for Perl have a weak default algorithm
and number of iterations.

The default algorithm is HMAC-SHA1, which should only be used for legacy
systems.

Minor nit, there's actually nothing wrong with HMAC-SHA1 since the HMAC
construct prevents all of the attacks on SHA1.  Even the rather broken MD5 is
still fine if used in an HMAC construct.

Peter.

Current thread: