Release v2014.11.2: Fix EZP-24140: Potential vulnerability in eZ Publish password recovery · netgen/ezpublish-legacy

v2014.11.2
658924e
Choose a tag to compare

Filter

View all tags

v2014.11.2: Fix EZP-24140: Potential vulnerability in eZ Publish password recovery

v2014.11.2
658924e
Choose a tag to compare

Filter

View all tags

glye tagged this 11 May 10:14

Use openssl_random_pseudo_bytes() if available, otherwise fall back to mt_rand(). Use microtime() for entropy.

(cherry picked from commit 5908d5ee65fec61ce0e321d586530461a210bf2a)

Assets 2

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Choose a tag to compare

Sorry, something went wrong.

Sorry, something went wrong.

Uh oh!

No results found

Choose a tag to compare

Sorry, something went wrong.

Sorry, something went wrong.

Uh oh!

No results found

Uh oh!