Password hash is created by md5
Bug #1066023 reported by
Philipp Trommler
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Jac |
Fix Released
|
High
|
Unassigned | ||
PFiDaba |
Fix Released
|
High
|
Unassigned |
Bug Description
The password for a DB is still created using md5. Of course this is very insecure and only a filler, because for some reasons crypt() didn't work. The md5-function shall be replaced by the new PHP password-function.
Changed in jac: | |
status: | New → Triaged |
importance: | Undecided → High |
security vulnerability: | no → yes |
Changed in pfidaba: | |
status: | Triaged → Fix Released |
Changed in jac: | |
status: | Triaged → Fix Released |
To post a comment you must log in.