Joomla! Issue Tracker | Joomla! CMS #8354 - Utilize safe string methods in JCrypt

?

Closed
9 Nov 2015
Medium
Build: staging
# 8354
Diff
mbabker:safeStrMethods

Success

Success The Travis CI build passed Details

User tests: Successful: Unsuccessful:

mbabker
9 Nov 2015

This pull request implements the safe string helper methods from \ParagonIE\Halite\Util (essentially as a fork since that library requires PHP 5.6) and utilizes the safeStrlen() method in our JCrypt::timingSafeCompare() method to address the issue raised in #8330.

mbabker - open - 9 Nov 2015

mbabker - change - 9 Nov 2015

Status

New

⇒

Pending

joomla-cms-bot - change - 9 Nov 2015

Labels

Added: ?

paragonie-scott - comment - 9 Nov 2015

There are other instances that need to be updated but that can come later.

f3324b5 9 Nov 2015

Utilize safe string methods in JCrypt

zero-24 - change - 9 Nov 2015

Category

⇒

Libraries

wilsonge - change - 9 Nov 2015

Status	Pending	⇒	Closed
Closed_Date	0000-00-00 00:00:00	⇒	2015-11-09 22:09:40
Closed_By		⇒	wilsonge

wilsonge - close - 9 Nov 2015

wilsonge - reference | 7eb70ea - 9 Nov 15

wilsonge - merge - 9 Nov 2015

wilsonge - close - 9 Nov 2015

wilsonge - comment - 9 Nov 2015

Merged on review

wilsonge - change - 9 Nov 2015

Milestone

Added:

mbabker - head_ref_deleted - 9 Nov 2015

beat - comment - 14 Nov 2015

Code reviewed

Add a Comment

Login with GitHub to post a comment

Older
Newer