[Python-modules-team] Bug#686104: python-django-registration: Not compatible with, Django 1.4.
Raphael Hertzog
hertzog at debian.org
Fri Aug 31 06:41:56 UTC 2012
On Thu, 30 Aug 2012, Winfried Tilanus wrote:
> The SHA1 hashes used in python-django-registration are publicly visible.
> An attack against the SHA1 in python-django-registration would not need
> a compromise of the database first, but can be performed against openly
> available data.
What openly available data are you referring to?
Cheers,
--
Raphaël Hertzog ◈ Debian Developer
Get the Debian Administrator's Handbook:
→ http://debian-handbook.info/get/
More information about the Python-modules-team
mailing list