[jira] [Commented] (SLIDER-1248) Insecure random number generator

Billie Rinaldi (JIRA) Tue, 12 Sep 2017 09:19:33 -0700

    [ 
https://issues.apache.org/jira/browse/SLIDER-1248?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16163183#comment-16163183
 ]


Billie Rinaldi commented on SLIDER-1248:
----------------------------------------

+1, I ran unit tests and this looks good to me.

> Insecure random number generator
> --------------------------------
>
>                 Key: SLIDER-1248
>                 URL: https://issues.apache.org/jira/browse/SLIDER-1248
>             Project: Slider
>          Issue Type: Bug
>          Components: core, security
>    Affects Versions: Slider 0.92
>            Reporter: Gour Saha
>            Assignee: Gour Saha
>             Fix For: Slider 1.0.0
>
>         Attachments: SLIDER-1248.01.patch
>
>
> The random number generator implemented by randomAlphanumeric() in 
> AggregateConf.java and SecurityUtils.java cannot withstand a cryptographic 
> attack. SecureRandom is recommended.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Commented] (SLIDER-1248) Insecure random number generator

Reply via email to