Package: bcrypt
Version: 1.1-6
Severity: grave
Tags: lfs upstream

Hi,

The current version of bcrypt reads the whole file into memory by using
fread, regardless of the file size.  This means that for large files, a
machine can run out of memory by trying to just read the file.

The out of memory killer will kill other programs before killing an active
program, thus causing the death of unrelated processes.

The solution to this problem would be to put a limit on how much can be
read and encrypt via various subsequent read/writes instead of just one big
read and one big write.

-- 
Regards,
Marga


-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 3.2.0-0.bpo.2-686-pae (SMP w/2 CPU cores)
Locale: LANG=es_AR.UTF-8, LC_CTYPE=es_AR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages bcrypt depends on:
ii  libc6                    2.13-37         Embedded GNU C Library: Shared lib
ii  zlib1g                   1:1.2.7.dfsg-13 compression library - runtime

bcrypt recommends no packages.

bcrypt suggests no packages.

-- no debconf information
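
The chunked read/write approach suggested in the report, as an added example that is not part of the original report and not bcrypt's own code. `CHUNK_SIZE`, `stream_process`, `transform_chunk` and `roundtrip_ok` are hypothetical names, and the XOR step is only a stand-in for the real cipher so that the I/O loop can be checked.

```c
#include <stdio.h>

/* Assumed buffer size: peak memory stays here whatever the file size.
 * For a block cipher it must be a multiple of the cipher block size. */
#define CHUNK_SIZE 65536

/* Hypothetical stand-in for the cipher step; not bcrypt's Blowfish code. */
static void transform_chunk(unsigned char *buf, size_t len)
{
    for (size_t i = 0; i < len; i++)
        buf[i] ^= 0x5A;
}

/* Stream in -> out through one fixed buffer.
 * Returns bytes processed, or -1 on any read or write error. */
long long stream_process(FILE *in, FILE *out)
{
    static unsigned char buf[CHUNK_SIZE];
    long long total = 0;
    size_t n;
    while ((n = fread(buf, 1, sizeof buf, in)) > 0) {
        transform_chunk(buf, n);
        if (fwrite(buf, 1, n, out) != n)
            return -1;          /* e.g. disk full: stop, do not keep reading */
        total += (long long)n;
    }
    if (ferror(in) || fflush(out) != 0)
        return -1;
    return total;
}

/* Constructed self-check: the stand-in is its own inverse, so streaming a
 * generated file twice must reproduce it. Returns 1 on success. */
int roundtrip_ok(size_t size)
{
    FILE *f[3] = { tmpfile(), tmpfile(), tmpfile() };
    int ok = f[0] && f[1] && f[2];
    for (size_t i = 0; ok && i < size; i++)
        ok = fputc((int)(i % 251), f[0]) != EOF;
    if (ok) { rewind(f[0]); ok = stream_process(f[0], f[1]) == (long long)size; }
    if (ok) { rewind(f[1]); ok = stream_process(f[1], f[2]) == (long long)size; rewind(f[2]); }
    for (size_t i = 0; ok && i < size; i++)
        ok = fgetc(f[2]) == (int)(i % 251);
    ok = ok && fgetc(f[2]) == EOF;
    for (int i = 0; i < 3; i++) if (f[i]) fclose(f[i]);
    return ok;
}

int main(void) { return stream_process(stdin, stdout) < 0; }
```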

