[horde] Error after upgrade
Michael J Rubinsky
mrubinsk at horde.org
Wed Jan 23 14:44:14 UTC 2013
Quoting steffo76 at gmx.de:
>>> Hi list,
>>>
>>> after upgrading to horde groupware webmail edition 5.0.3 I get a lot of
>>> "Using an empty Initialization Vector (iv) is potentially insecure
>>> and not recommended" errors in the horde log. The upgrade itself
>>> went smoothly so where did I go wrong ?
>>>
>>> Regards
>>> Stephan
>>>
>> Sounds like Horde_Crypt_Blowfish wasn't updated.
>
> Any ideas ? Packages are all up to date including:
>
> Horde_Crypt 2.1.1 stable
> Horde_Crypt_Blowfish 1.0.2 stable
>
> php version is 5.3.20 (although it is the same with 5.3.8).
>
> WARN: HORDE [imp] PHP ERROR: openssl_encrypt() [<a
> href='function.openssl-encrypt'>function.openssl-encrypt</a>]: Using
> an empty Initialization Vector (iv) is potentially insecure and not
> recommended [pid 23639 on line 44 of
> "/usr/local/lib/php/Horde/Crypt/Blowfish/Openssl.php"]
>
> I can get rid of these by decreasing the log level but these
> messages shouldn't be there, should they ?
http://lists.horde.org/archives/horde/Week-of-Mon-20121119/045531.html
--
mike
The Horde Project (www.horde.org)
mrubinsk at horde.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6062 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.horde.org/archives/horde/attachments/20130123/c91f57b0/attachment-0001.bin>
More information about the horde
mailing list