subject:"Bug#631347\: \[php\-maint\] Bug#631347\: CVE\-2011\-2483 crypt_blowfish\: 8\-bit character mishandling allows different password pairs to produce the same hash"

Bug#631347: [php-maint] Bug#631347: CVE-2011-2483 crypt_blowfish: 8-bit character mishandling allows different password pairs to produce the same hash

2011-06-23 Thread Moritz Mühlenhoff

On Thu, Jun 23, 2011 at 07:42:01AM +0200, Ondřej Surý wrote: > forcemerge 631286 631347 > tags 631286 +squeeze wheezy sid > Thank you > > Hi, > > I already notice the bug when you reported it in postgresql and cloned the > bug. > > Yes, the php5 is affected, but only squeeze and onwards (writin

Bug#631347: [php-maint] Bug#631347: CVE-2011-2483 crypt_blowfish: 8-bit character mishandling allows different password pairs to produce the same hash

2011-06-22 Thread Ondřej Surý

forcemerge 631286 631347 tags 631286 +squeeze wheezy sid Thank you Hi, I already notice the bug when you reported it in postgresql and cloned the bug. Yes, the php5 is affected, but only squeeze and onwards (writing this from top of my head, so I will better double check). Security team, can y