* Florian Weimer: > CVE-2012-2143 > The crypt(text, text) function in the pgcrypto contrib module > did not handle certain passwords correctly, ignoring > characters after the first character which does not fall into > the ASCII range.
It's been pointed out to me that this is incorrect. Only traditional DES hashes are affected, and the byte which triggers truncation is 0x80 only. -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
