ImperialViolet - Early ChangeCipherSpec Attack
OpenSSL 1.0.1h (and others) were released today with a scary looking security advisiory and that's always an event worth looking into. (Hopefully people are practiced at updating OpenSSL now!) Update: the original reporter has a blog post up. Also, I won't, personally, be answering questions about specific Google services. (I cut this blog post together from notes that I'm writing for internal gro
PHP 5.3ã§å…±é€šéµæš—å·ï¼ˆopenssl)を使用ã™ã‚‹ | ã¸ã³ã«ã£ã
5.2以å‰ã§ã‚‚使用ã§ãã‚‹mcryptã«ã¤ã„ã¦ã¯ã“ã¡ã‚‰ã€‚ PHP 5.3ã§opensslモジュールã®æ©Ÿèƒ½ãŒæ‹¡å¼µã•ã‚Œã€å…±é€šéµæš—å·ã«ã‚ˆã‚‹æš—å·åŒ–ãŒåˆ©ç”¨å¯èƒ½ã«ãªã£ãŸã€‚åŒæ™‚ã«å¾…望ã®ç–‘似乱数生æˆå™¨ã‚‚用æ„ã•ã‚ŒãŸã€‚ã“ã‚Œã§ä»Šã¾ã§mcryptãŒä½¿ç”¨ã§ããªã‹ã£ãŸWindowsã§ã‚‚ã€æš—å·å¦çš„強度をæŒã£ãŸä¹±æ•°ãŒç”Ÿæˆã§ãる(実際ã«è©¦ã—ã¦ã„ãªã„ãŒã€OpenSSLã¯Windowsã®CryptAPIã‹ã‚‰ä¹±æ•°ã‚’å¾—ã¦ã„る)。 ã¾ã マニュアルã«ã‚‚詳ã—ã„æƒ…å ±ãŒè¼‰ã£ã¦ã„ãªã„ã®ã§ã€ã‚½ãƒ¼ã‚¹ã‚’èªã¿ãªãŒã‚‰ä½¿ã„方を探ã£ã¦ã¿ãŸã€‚以下ã¯php-5.3.3ã®ã‚½ãƒ¼ã‚¹ã«åŸºã¥ã。ãŸã ã—コミットãƒã‚°ã‚’見るé™ã‚Šä»•æ§˜ã‚‚機能もã¾ã 安定ã—ã¦ã„ã‚‹ã¨ã¯è¨€ã„ãŒãŸã„ã®ã§ã€å®Ÿéš›ã«ä½¿ç”¨ã™ã‚‹ã«ã¯ã‚‚ã†å°‘ã—様åを見ãŸæ–¹ãŒè‰¯ã„ã‹ã‚‚ã—ã‚Œãªã„。 æš—å·åŒ–ã™ã‚‹éš›ã«æ±ºã‚ã¦ãŠãã¹ãã“ã¨ï¼š éµï¼ˆä»¥ä¸‹ KEY)… マニュアルã§ã¯ $password ã¨è¡¨è¨˜ã•ã‚Œã¦ã„ã‚‹ãŒã€ã„ã‚ゆる「パスワードã€ã§ã¯ãªã„。
1
ランã‚ング
ランã‚ング
ランã‚ング
リリースã€éšœå®³æƒ…å ±ãªã©ã®ã‚µãƒ¼ãƒ“スã®ãŠçŸ¥ã‚‰ã›
最新ã®äººæ°—エントリーã®é…ä¿¡
処ç†ã‚’実行ä¸ã§ã™
j次ã®ãƒ–ックマーク
kå‰ã®ãƒ–ックマーク
lã‚ã¨ã§èªã‚€
eコメント一覧を開ã
oページを開ã
æš—å·åŒ–ã«ã¤ã„ã¦å°‘ã—(ãã®2) - PC日記
{{#tags}}- {{label}}
{{/tags}}