[prev in list] [next in list] [prev in thread] [next in thread] 

List:       majordomo-workers
Subject:    Re: current CVS, insecure dependencies..
From:       Dave Barr <barr () cis ! ohio-state ! edu>
Date:       1998-11-09 14:06:18
[Download RAW message or body]

Jason L Tibbitts III wrote:
> 
> Can you try this?  My best guess now is that MD5 passes tainting on to the
> digest.  This isn't a problem for us, since we put that together with some
> random bits and grind it through MD5.

Hm, that seems to have fixed it, at least for my initial test case.

--Dave
-- 
http://www.cis.ohio-state.edu/~barr/
barr@cis.ohio-state.edu

[prev in list] [next in list] [prev in thread] [next in thread]