[horde] Error after upgrade

Stephan Rattai steffo76 at gmx.de
Wed Jan 23 14:54:50 UTC 2013


-------- Original-Nachricht --------
> Datum: Wed, 23 Jan 2013 09:44:14 -0500
> Von: Michael J Rubinsky <mrubinsk at horde.org>
> An: horde at lists.horde.org
> Betreff: Re: [horde] Error after upgrade

> 
> Quoting steffo76 at gmx.de:
> 
> >>> Hi list,
> >>>
> >>> after upgrading to horde groupware webmail edition 5.0.3 I get a lot
> of
> >>> "Using an empty Initialization Vector (iv) is potentially insecure
> >>> and not recommended" errors in the horde log. The upgrade itself
> >>> went smoothly so where did I go wrong ?
> >>>
> >>> Regards
> >>> Stephan
> >>>
> >> Sounds like Horde_Crypt_Blowfish wasn't updated.
> >
> > Any ideas ? Packages are all up to date including:
> >
> > Horde_Crypt               2.1.1   stable
> > Horde_Crypt_Blowfish      1.0.2   stable
> >
> > php version is 5.3.20 (although it is the same with 5.3.8).
> >
> > WARN: HORDE [imp] PHP ERROR: openssl_encrypt() [<a  
> > href='function.openssl-encrypt'>function.openssl-encrypt</a>]: Using  
> > an empty Initialization Vector (iv) is potentially insecure and not  
> > recommended [pid 23639 on line 44 of  
> > "/usr/local/lib/php/Horde/Crypt/Blowfish/Openssl.php"]
> >
> > I can get rid of these by decreasing the log level but these  
> > messages shouldn't be there, should they ?
> 
> http://lists.horde.org/archives/horde/Week-of-Mon-20121119/045531.html

Ah, thanks, so it's time to turn down the log level.


More information about the horde mailing list