Chapril/paste.chapril.org-privatebin
Chapril/paste.chapril.org-privatebin
24
0
Fork 0
Code Issues Releases Wiki Activity
43a439e7d0
paste.chapril.org-privatebin/lib
History
Sebastien SAUVAGE 43a439e7d0 Time attack protection on hmac comparison 
This fixes issue 2.7 of https://defuse.ca/audits/zerobin.htm, and thus
(with commit a24212afda90ca3e4b4ff5ce30d2012709b58a28) also issue 2.8.

(cherry picked from commit 0b4db7ece313dd268e51fc47a0293a649927558a)

Conflicts:
	index.php
2015-08-15 23:44:03 +02:00
..
zerobin XSS flaw correction 2015-08-15 22:01:43 +02:00
.htaccess Fixed bug with missing directory separator and added .htaccess files to lib & cfg directories. If those are not present, the application will create them for you. 2012-04-30 13:58:29 +02:00
auto.php XSS flaw correction 2015-08-15 22:01:43 +02:00
filter.php Time attack protection on hmac comparison 2015-08-15 23:44:03 +02:00
persistence.php Prevent inconstitent /data/trafic_limiter.php due to file read while writing 2015-08-15 22:10:05 +02:00
RainTPL.php added autoloading, configurable paste size limit, changed JS to calculate localized comment times instead of UTC 2012-04-30 22:58:08 +02:00
serversalt.php Stronger server salt 2015-08-15 22:18:57 +02:00
sjcl.php XSS flaw correction 2015-08-15 22:01:43 +02:00
trafficlimiter.php XSS flaw correction 2015-08-15 22:01:43 +02:00
vizhash16x16.php XSS flaw correction 2015-08-15 22:01:43 +02:00
zerobin.php Time attack protection on hmac comparison 2015-08-15 23:44:03 +02:00