Mailing Lists
|
|
cURL Mailing List Monthly Index Single Mail
curl-tracker Archives
[curl:bugs] #1251 Form boundary string should be truly random
From: Daniel Stenberg <bagder_at_users.sf.net>
Date: Mon, 24 Jun 2013 20:31:43 +0000
Let me emphasize that implementors that rely on the boundary string being cryptographically secure should rethink their designs!
--- ** [bugs:#1251] Form boundary string should be truly random** **Status:** open **Created:** Mon Jun 24, 2013 11:24 AM UTC by Floris **Last Updated:** Mon Jun 24, 2013 08:30 PM UTC **Owner:** Daniel Stenberg The use of predicatable pseudo-random numbers to generate the multipart/form boundary can lead to security issues in software using libcurl. See: http://localhost.re/p/solusvm-whmcs-module-316-vulnerability --- Sent from sourceforge.net because curl-tracker@cool.haxx.se is subscribed to https://sourceforge.net/p/curl/bugs/ To unsubscribe from further messages, a project admin can change settings at https://sourceforge.net/p/curl/admin/bugs/options. Or, if this is a mailing list, you can unsubscribe from the mailing list.Received on 2013-06-24 These mail archives are generated by hypermail. |
Page updated May 06, 2013.
web site info