[horde] Error after upgrade
Stephan Rattai
steffo76 at gmx.de
Wed Jan 23 14:54:50 UTC 2013
-------- Original-Nachricht --------
> Datum: Wed, 23 Jan 2013 09:44:14 -0500
> Von: Michael J Rubinsky <mrubinsk at horde.org>
> An: horde at lists.horde.org
> Betreff: Re: [horde] Error after upgrade
>
> Quoting steffo76 at gmx.de:
>
> >>> Hi list,
> >>>
> >>> after upgrading to horde groupware webmail edition 5.0.3 I get a lot
> of
> >>> "Using an empty Initialization Vector (iv) is potentially insecure
> >>> and not recommended" errors in the horde log. The upgrade itself
> >>> went smoothly so where did I go wrong ?
> >>>
> >>> Regards
> >>> Stephan
> >>>
> >> Sounds like Horde_Crypt_Blowfish wasn't updated.
> >
> > Any ideas ? Packages are all up to date including:
> >
> > Horde_Crypt 2.1.1 stable
> > Horde_Crypt_Blowfish 1.0.2 stable
> >
> > php version is 5.3.20 (although it is the same with 5.3.8).
> >
> > WARN: HORDE [imp] PHP ERROR: openssl_encrypt() [<a
> > href='function.openssl-encrypt'>function.openssl-encrypt</a>]: Using
> > an empty Initialization Vector (iv) is potentially insecure and not
> > recommended [pid 23639 on line 44 of
> > "/usr/local/lib/php/Horde/Crypt/Blowfish/Openssl.php"]
> >
> > I can get rid of these by decreasing the log level but these
> > messages shouldn't be there, should they ?
>
> http://lists.horde.org/archives/horde/Week-of-Mon-20121119/045531.html
Ah, thanks, so it's time to turn down the log level.
More information about the horde
mailing list