> As far as I can tell, the whole point of this patch is aimed at the 'hashed' > password case only (rather than 'salted_hash').
The vulnerability was never against salted_hash. I've since learned what Crypt::SaltedHash is I just don't believe I have a reason to use it. Why would I want to use something that serializes the hash and password into one database column when I can simply store them separately? Now, I have everything I want running locally. -- Evan Carroll System Lord of the Internets _______________________________________________ List: [email protected] Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/[email protected]/ Dev site: http://dev.catalyst.perl.org/
