[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] RESEND: CVE Request: pwgen
From: Kurt Seifried <kseifried () redhat ! com>
Date: 2013-10-23 1:41:26
Message-ID: 52672946.9060801 () redhat ! com
[Download RAW message or body]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 10/22/2013 05:39 PM, Michael Samuel wrote:
> On 23 October 2013 08:50, Solar Designer <solar@openwall.com>
> wrote:
>> Michael, is the above correct? If so, should Kurt reject
>> CVE-2013-4443? I think so.
>
> Yes, that was correct - if you generated 1 extremely long password
> (rather than a ton of passwords) and made a histogram, there would
> be no bias.
>
Ok please REJECT CVE-2013-4443, not a vuln.
- --
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.15 (GNU/Linux)
iQIcBAEBAgAGBQJSZylGAAoJEBYNRVNeJnmTKpsQAIrrnqvsrExNFw3xCjtbabGI
7/15Njx+WqWxECVlxWzvYs8POmojsV9lRKD9KOK31PTCOwc0hiMhE7lQQFS4JUIU
l+2XckTD9DgyTgK1X6ZStGTGb21WxzOMBlpLbDjx2h/1k5zKZOCReUdvpnkljJw2
OCv6cYegen5N4oQ6Q8apgCcGOXhm+fgL3iCxXoc0mif13E4gsZH3nGWluK39pCdN
y1vebI72jwHOKtSuU+0/CutYkhZkr3/+7tQn1jTLqOLjFyGjpdE+1Ow+V5ZnymzX
bDGLRzmIWS34F72i8mc+UW1Le8igVXdbuHbE7UNM/n72nFz/sWKtY3/t+BqpoHwl
qK3Rsf/ruOvCTfHPNw8bM1P0sWFJCoOWEY9G+p9gYQqHZPwsvhQ/1FX16wmWJ60l
tyOdQi4o4Hu8vhr/egthdujsbIp92kRyvNgoWXxDYjZD0nBxh2bYQ4tgTRYNWPDE
4gcxjEKNfJwwlzgVgbZMgHPNcewfz82HZZ82+HMc9UjvQjB+weum80dIiHNmjTPt
W6Pi7U5rNU8T4CIZkGB2Ow9vVKXc4AIH3RgvOASb5dAfeylp1NoPRvvjZMrFqcZE
5lpQxfj6AFq8QlwSyp3+C3xvWv/w3fBueJynWIPg6AoRrhxX+TjY8SYv2Q/YHJ+E
WVcByXDhVKtNhy5LQfHV
=KWYQ
-----END PGP SIGNATURE-----
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic