7cff876547
Versions of this module prior to 2.17 were incorrectly using 8 byte IVs when generating the old-style RandomIV style header (as opposed to the new-style random salt header). This affects data encrypted using the Rijndael algorithm, which has a 16 byte blocksize, and is a significant security issue. The bug has been corrected in versions 2.17 and higher by making it impossible to use 16-byte block ciphers with RandomIV headers. You may still read legacy encrypted data by explicitly passing the -insecure_legacy_decrypt option to Crypt::CBC->new(). |
||
|---|---|---|
| .. | ||
| pkg | ||
| distinfo | ||
| Makefile | ||