Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×
PHP

+ - Serious Crypto Bug Found in PHP 5.3.7->

Submitted by Trailrunner7
Trailrunner7 (1100399) writes "The maintainers of the PHP scripting language are warning users about a serious crypto problem in the latest release and advising them not to upgrade to PHP 5.3.7 until the bug is resolved.

PHP 5.3.7 was just released last week and that version contained fixes for a slew of security vulnerabilities. But now a serious flaw has been found in that new release that is related to the way that one of the cryptographic functions handles inputs. In some cases, when the crypt() function is called using MD5 salts, the function will return only the salt value."

Link to Original Source
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Serious Crypto Bug Found in PHP 5.3.7

Comments Filter:

Felson's Law: To steal ideas from one person is plagiarism; to steal from many is research.

Working...