Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
geofft
on July 30, 2015
|
parent
|
context
|
favorite
| on:
Important Security Announcement from PagerDuty
I'd sort of hope they weren't using PHP's built-in crypto or any crypto library that deals in null-terminated strings. Judging from their careers pages, they use no PHP, so this shouldn't apply.
sarciszewski
on July 30, 2015
|
next
[–]
http://blog.ircmaxell.com/2015/03/security-issue-combining-b...
It's also applicable to crypt(3)...
ircmaxell
on July 30, 2015
|
prev
[–]
The only implementations of bcrypt (and crypt(3)) that I've seen that's
NOT
vulnerable to this are Golang and Python.
It has nothing to do with PHP...
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
