Comments (6)
Is that something, that we can avoid using Random IV?
from aescrypt.
No, failure to use a random IV (#4) is a separate, unrelated, but still very bad problem.
from aescrypt.
@tarcieri Thanks for the info.
from aescrypt.
FYI, in case you're trying to follow the same path as me:
- Create a CVE request at http://cve.mitre.org/ - You'll get a CVE ID a day or so later.
- Create a report at https://rubysec.com/, quoting the CVE ID (they really need it even if it's not a required field)
- If people use https://github.com/rubysec/bundler-audit (they should), the reports will crop up.
from aescrypt.
I'm just sad it took me four years to figure out that this path works just fine... ugh. It should not have surprised me.
from aescrypt.
@jfinkhaeuser That web form is a new thing created this year, in response to MITRE failing to issue IDs in a timely fashion via e-mail.
from aescrypt.
Related Issues (10)
- Mismatch between client and server encodings? HOT 2
- pad block corrupted
- Crash -[NSConcreteMutableData SHA256Hash]: unrecognized selector HOT 1
- Please retire this gem and label it as "unsafe" in the README HOT 1
- Decrypted Data missing Line Feeds
- Please use IV for CBC mode HOT 6
- Is there any android client available? HOT 2
- require 'base64'
- Not able to encrypt/decrypt utf-8 data HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from aescrypt.