Issue #604 has been updated by Clément OUDOT.
Thanks for all issues concerning security. Could you maybe provide patches to help us improve the software? ---------------------------------------- Bug #604: Weak cryptography hash usage http://tools.lsc-project.org/issues/604 Author: John Menerick Status: Assigned Priority: Urgent Assigned to: Clément OUDOT Category: Self Service Password Target version: self-service-password-? While reviewing the code in file functions.inc.php, I observed a large number of weak cryptographic hashes. They are not strong enough to be used for hashing credentials. Line 26, Line 32, Line 40, and Line 46 come to mind. Additional information can be found @ http://www.hpenterprisesecurity.com/vulncat/en/vulncat/dotnet/weak_cryptographic_hash.html -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://tools.lsc-project.org/my/account
_______________________________________________ ltb-dev mailing list [email protected] http://lists.ltb-project.org/listinfo/ltb-dev
