On Mon, Mar 09, 2015 at 03:00:27PM +0100, Emmanuel Bourg wrote:
> Thank you for the report Moritz.
>
> According to the Bugzilla report the issue happens when BCrypt.gensalt()
> is called with the value 31. jenkins is the only package using this
> library and it calls this method with no parameter [1], the default
> value being 10 [2].
>
> So I don't think this issue is critical for Jessie.
Ok. It probably fairly unlikely that external Java applications
use the shipped libjbcrypt-java package.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
