Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Two Vulnerabilities in One Line #5

paragonie-scott opened this issue Jun 9, 2015 · 3 comments

Two Vulnerabilities in One Line #5

paragonie-scott opened this issue Jun 9, 2015 · 3 comments


Copy link

@paragonie-scott paragonie-scott commented Dec 6, 2015

Is there any interest in fixing this?

Copy link

@rnapier rnapier commented Dec 6, 2015

My PHP background is weak, and I haven't heard from @curtisdf in a while. I've asked a colleague of mine with much more PHP experience to take a look. I'd also be happy to look at a pull request.

Thanks for the issue.

Copy link

@curtisdf curtisdf commented Dec 6, 2015

Hi @rnapier. Sorry for being AWOL. I wasn't receiving any emails about RNCryptor so it was out of sight out of mind.

I have migrated the project to use hash_equals() along with the polyfill library. I also took the opportunity to fix up our TravisCI configs. Since PHP 5.4 is at EOL, I have moved the minimum supported PHP version to 5.5. I also added support for testing in PHP7.

We are now at version 3.1.0. Thanks @paragonie-scott for the feedback.

@curtisdf curtisdf closed this Dec 6, 2015
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
3 participants
You can’t perform that action at this time.