diff options
| author | Niklas Keller <me@kelunik.com> | 2016-11-20 19:22:19 +0100 |
|---|---|---|
| committer | Niklas Keller <me@kelunik.com> | 2016-11-20 19:22:19 +0100 |
| commit | 7a33d2f8a8d3dc5633646a576e37dc7a830c2f89 (patch) | |
| tree | bca3067cb70b5247b4fde9dd621883280a71043b /composer.lock | |
| parent | 1a7bdbcc52a00539a92b5a7b8cea26065c6c5c96 (diff) | |
| download | dokuwiki-7a33d2f8a8d3dc5633646a576e37dc7a830c2f89.tar.gz dokuwiki-7a33d2f8a8d3dc5633646a576e37dc7a830c2f89.zip | |
Use cryptographically secure pseudo random number generator (CSPRNG)
Uses paragonie/random_compat instead of insecure home-brewed code.
It's NEVER fine to fall back to mt_rand() for secure random.
Fixes #1760.
Diffstat (limited to 'composer.lock')
| -rw-r--r-- | composer.lock | 54 |
1 files changed, 51 insertions, 3 deletions
diff --git a/composer.lock b/composer.lock index 2442009f5..9a35ea729 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file", "This file is @generated automatically" ], - "hash": "23ee0dd06136e2301c930e75055300d5", + "content-hash": "203c74fd2582945e08dcab4324b70d55", "packages": [ { "name": "easybook/geshi", @@ -50,7 +50,55 @@ "highlighter", "syntax" ], - "time": "2016-03-29 13:15:17" + "time": "2016-03-29T13:15:17+00:00" + }, + { + "name": "paragonie/random_compat", + "version": "v2.0.4", + "source": { + "type": "git", + "url": "https://github.com/paragonie/random_compat.git", + "reference": "a9b97968bcde1c4de2a5ec6cbd06a0f6c919b46e" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/paragonie/random_compat/zipball/a9b97968bcde1c4de2a5ec6cbd06a0f6c919b46e", + "reference": "a9b97968bcde1c4de2a5ec6cbd06a0f6c919b46e", + "shasum": "" + }, + "require": { + "php": ">=5.2.0" + }, + "require-dev": { + "phpunit/phpunit": "4.*|5.*" + }, + "suggest": { + "ext-libsodium": "Provides a modern crypto API that can be used to generate random bytes." + }, + "type": "library", + "autoload": { + "files": [ + "lib/random.php" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Paragon Initiative Enterprises", + "email": "security@paragonie.com", + "homepage": "https://paragonie.com" + } + ], + "description": "PHP 5.x polyfill for random_bytes() and random_int() from PHP 7", + "keywords": [ + "csprng", + "pseudorandom", + "random" + ], + "time": "2016-11-07T23:38:38+00:00" }, { "name": "splitbrain/php-archive", @@ -97,7 +145,7 @@ "unzip", "zip" ], - "time": "2015-08-12 13:24:34" + "time": "2015-08-12T13:24:34+00:00" } ], "packages-dev": [], |