Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Added crypto random string. verified. #3850

Closed
wants to merge 1 commit into from

Conversation

barakolo
Copy link

@barakolo barakolo commented Jul 3, 2021

Description

A fixed security issue - the randomness wasn't enough as an attacker could have tried breaking this random over time, without any limitations.
Please look at the following issue: #3832

@philc
Copy link
Owner

philc commented Jul 10, 2021

Great work @barakolo on the bug and this PR. I've adapted the contents of this PR a bit in 1d80e66, and included a stub so that the tests pass. Thanks!

@philc philc closed this Jul 10, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

2 participants