Use 16 bytes secure random instead of a number from 0 to 999. This #79

Merged
merged 1 commit into from Apr 7, 2014

Conversation

Projects
None yet
2 participants
Contributor

delphij commented Feb 14, 2014

increases entropy in the salt from about 10 bits to 128 bits.

Reported by: Pierre Carrier <pierre carrier#airbnb com>
Security: CVE-2014-0083

Use 16 bytes secure random instead of a number from 0 to 999. This
increases entropy in the salt from about 10 bits to 128 bits.

Reported by:	Pierre Carrier <pierre carrier#airbnb com>
Security:	CVE-2014-0083

@schaary schaary referenced this pull request Apr 7, 2014

Closed

Better SSHA salt #83

schaary added a commit that referenced this pull request Apr 7, 2014

Merge pull request #79 from delphij/master
Use 16 bytes secure random instead of a number from 0 to 999.  This

@schaary schaary merged commit c0a6e1e into ruby-ldap:master Apr 7, 2014

1 check failed

default The Travis CI build could not complete due to an error
Details

astratto pushed a commit to astratto/ruby-net-ldap that referenced this pull request Dec 18, 2015

Merge pull request #79 from delphij/master
Use 16 bytes secure random instead of a number from 0 to 999.  This
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment