JtR has been updated to 1.7.8 to fix an irregualrity
Bug #805258 reported by
Jeffrey Walton
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
john (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
Blowfish bug: http://<email address hidden>
Update: http://
ProblemType: Bug
DistroRelease: Ubuntu 11.04
Package: john 1.7.3.1-1
ProcVersionSign
Uname: Linux 2.6.38-8-generic x86_64
Architecture: amd64
Date: Sun Jul 3 18:39:59 2011
InstallationMedia: Ubuntu 10.10 "Maverick Meerkat" - Release amd64 (20101007)
ProcEnviron:
LANGUAGE=en_US:en
LANG=en_US.UTF-8
SHELL=/bin/bash
SourcePackage: john
UpgradeStatus: No upgrade log present (probably fresh install)
Related branches
CVE References
tags: |
added: upgrade-software-version removed: amd64 apport-bug natty running-unity |
Changed in john (Ubuntu): | |
status: | New → Fix Committed |
Changed in john (Ubuntu): | |
status: | Fix Committed → Fix Released |
To post a comment you must log in.
Also of interest might be OpenWall's latest version of crypt_blowfish [1]:
Version 1.1 of crypt_blowfish fixes the 8-bit character
handling vulnerability (CVE-2011-2483) and it adds 8-bit
test vectors and a quick self-test on every hash
computation. Any copies of older crypt_blowfish code
must be upgraded.
[1] http:// www.openwall. com/crypt/