[horde] Error after upgrade
steffo76 at gmx.de
steffo76 at gmx.de
Wed Jan 23 14:39:09 UTC 2013
>> Hi list,
>>
>> after upgrading to horde groupware webmail edition 5.0.3 I get a lot of
>> "Using an empty Initialization Vector (iv) is potentially insecure
>> and not recommended" errors in the horde log. The upgrade itself
>> went smoothly so where did I go wrong ?
>>
>> Regards
>> Stephan
>>
>Sounds like Horde_Crypt_Blowfish wasn't updated.
Any ideas ? Packages are all up to date including:
Horde_Crypt 2.1.1 stable
Horde_Crypt_Blowfish 1.0.2 stable
php version is 5.3.20 (although it is the same with 5.3.8).
WARN: HORDE [imp] PHP ERROR: openssl_encrypt() [<a href='function.openssl-encrypt'>function.openssl-encrypt</a>]: Using an empty Initialization Vector (iv) is potentially insecure and not recommended [pid 23639 on line 44 of "/usr/local/lib/php/Horde/Crypt/Blowfish/Openssl.php"]
I can get rid of these by decreasing the log level but these messages shouldn't be there, should they ?
Regards
Stephan
More information about the horde
mailing list