Package: php5
Version: 5.3.6-13
Severity: minor
Hi,
>From today's upgrade:
* Updated blowfish crypt() algorithm fixes the 8-bit character handling
vulnerability (CVE-2011-2483) and adds more self-tests. Unfortunately
this change is incompatible with some old (wrong) generated hashes for
passwords containing 8-bit characters. Therefore the new salt prefix
'$2x$' was introduced which can be used as a replacement for '$2a$'
salt prefix in the password database in case the incompatibility is
found.
Some minor nitpicks:
- the asterisk is not needed :)
- the above seems to take for granted that the reader already knows
about CVE-2011-2483. When discussing the resulting incompatibility,
it would be friendlier to explain what prompted it.
- it doesn't actually say what the '$2x$' salt prefix means, or where
one should put it (keeping in mind that some sysadmins may not be
PHP developers).
I'd suggest stealing as much text as sensible from
http://seclists.org/oss-sec/2011/q2/632 and going from there. E.g.
The implementation of the blowfish crypt() algorithm had an
inadvertent sign extension bug since 1998 (and maybe even 1997),
which this update fixes.
The majority of hashes (but not all of them) for passwords containing
characters with the 8th bit set were incompatible with OpenBSD's (really
nasty, but no security impact here).
What's worse, approximately 3 in 16 passwords containing a single
character with the 8th bit set had 1 to 3 characters immediately
preceding the 8-bit character ignored. With more than one character
with the 8th bit set, things may be even worse.
Thus, those passwords may have been much easier to crack than expected.
By correcting the algorithm, this update causes such passwords to be
disabled.
If you wish to avoid service disruption for everyone (even if that
means potentially staying with weaker passwords than what some users
have been expected; maybe password changes would then be recommended
or forced over time) then please replace "$2a$" with "$2x$" in existing
hashes on the system. Alternatively, say, a custom web app can make
this replacement for crypt() calls only, on hashes created before the
upgrade date.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
