[jira] [Closed] (LANG-1688) Why does RandomStringUtils not use SecureRandom?

Gary D. Gregory (Jira) Thu, 19 Jun 2025 04:43:11 -0700


     [ 
https://issues.apache.org/jira/browse/LANG-1688?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Gary D. Gregory closed LANG-1688.
---------------------------------
    Fix Version/s: 3.17.0
       Resolution: Fixed

Closing: See:
 * org.apache.commons.lang3.RandomStringUtils.secure()
 * org.apache.commons.lang3.RandomStringUtils.secureStrong()
 * org.apache.commons.lang3.RandomStringUtils.insecure()

> Why does RandomStringUtils not use SecureRandom?
> ------------------------------------------------
>
>                 Key: LANG-1688
>                 URL: https://issues.apache.org/jira/browse/LANG-1688
>             Project: Commons Lang
>          Issue Type: Improvement
>          Components: lang.*
>            Reporter: liangGe
>            Priority: Minor
>             Fix For: 3.17.0
>
>
> Now that the security problem is increasingly serious, why not use 
> SecureRandom for Random in the RandomStringUtils.java?



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Closed] (LANG-1688) Why does RandomStringUtils not use SecureRandom?

Reply via email to