Last modified: 2011-08-23 15:25:05 UTC

Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T32527, the corresponding Phabricator task for complete and up-to-date bug report information.
First Last Prev Next    This bug is not in your last search results.
Bug 30527 - Blacklist PHP 5.3.7
Blacklist PHP 5.3.7
Status: RESOLVED INVALID
Product: MediaWiki
Classification: Unclassified
Installer (Other open bugs)
unspecified
All All
: Unprioritized normal (vote)
: ---
Assigned To: Nobody - You can work on this!
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2011-08-23 14:19 UTC by Raimond Spekking
Modified: 2011-08-23 15:25 UTC (History)
3 users (show)

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Raimond Spekking 2011-08-23 14:19:02 UTC 
Per http://www.php.net/archive/2011.php#id2011-08-22-1 it should be wise to blacklist PHP 5.3.7 because of an issue with MD5:

https://bugs.php.net/bug.php?id=55439 : "If crypt() is executed with MD5 salts, the return value conists of the salt only. DES and BLOWFISH salts work as expected."
Comment 1 Roan Kattouw 2011-08-23 14:20:35 UTC 
We don't use crypt(), so why would we need to?
Comment 2 Raimond Spekking 2011-08-23 14:21:43 UTC 
If MediaWiki is not effected, this bug can closed as INVALID?
Comment 3 Chad H. 2011-08-23 14:23:06 UTC 
Resolving per comment 1 and 2 :)
Comment 4 Max Semenik 2011-08-23 15:25:05 UTC 
crypt() is used by LDAP Auth, pinged Ryan Lane on extension's talk page.
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.

Navigation
Links