Date: Sat, 18 Feb 2006 08:42:07 +0000 (UTC) From: Aaron Dalton <aaron@FreeBSD.org> To: ports-committers@FreeBSD.org, cvs-ports@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: ports/security/p5-Crypt-CBC Makefile distinfo Message-ID: <200602180842.k1I8g7Gb006025@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
aaron 2006-02-18 08:42:07 UTC FreeBSD ports repository Modified files: security/p5-Crypt-CBC Makefile distinfo Log: - update from v2.15 to v2.17 Approved by: tobez (implicit) 2.17 Mon Jan 9 18:22:51 EST 2006 -IMPORTANT NOTE: Versions of this module prior to 2.17 were incorrectly using 8 byte IVs when generating the old-style RandomIV style header (as opposed to the new-style random salt header). This affects data encrypted using the Rijndael algorithm, which has a 16 byte blocksize, and is a significant security issue. The bug has been corrected in versions 2.17 and higher by making it impossible to use 16-byte block ciphers with RandomIV headers. You may still read legacy encrypted data by explicitly passing the -insecure_legacy_decrypt option to Crypt::CBC->new(). -The salt, iv and key are now reset before each complete encryption cycle. This avoids inadvertent reuse of the same salt. -A new -header option has been added that allows you to select among the various types of headers, and avoids the ambiguity of having multiple interacting options. -A new random_bytes() method provides access to /dev/urandom on suitably-equipped hardware. 2.16 Tue Dec 6 14:17:45 EST 2005 - Added two new options to new(): -keysize => <bytes> Force the keysize -- useful for Blowfish -blocksize => <bytes> Force the blocksize -- not known to be useful ("-keysize=>16" is necessary to decrypt OpenSSL messages encrypted with Blowfish) Revision Changes Path 1.20 +1 -1 ports/security/p5-Crypt-CBC/Makefile 1.10 +3 -3 ports/security/p5-Crypt-CBC/distinfo
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200602180842.k1I8g7Gb006025>