Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Mon, 6 Jul 2009 22:56:40 +0400
From: Solar Designer <solar@...nwall.com>
To: announce@...ts.openwall.com
Subject: [openwall-announce] PHP 5.3.0+ integrates crypt_blowfish (and more)

Hi,

PHP 5.3.0 has been released, integrating our crypt_blowfish code right
into default builds of the PHP interpreter:

http://www.php.net/ChangeLog-5.php#5.3.0
http://www.openwall.com/crypt/

This is good news for users of our PHP password hashing framework,
phpass, because it means that the bcrypt hashes preferred by phpass will
be portable across systems running PHP 5.3.0+ (as well as portable to
some systems running older versions of PHP, like before), and that
fallbacks to weaker hash types will never occur on PHP 5.3.0+ (unless
forced by the programmer).

http://www.openwall.com/phpass/

PHP 5.3.0+ also integrates our revision of the FreeSec code from the
glibc package on Owl, implementing DES-based hashes.  All of this is due
to work by Pierre Joye.

Finally, PHP 5.3.0+ replaces the integrated implementation of MD5 with
one from popa3d for slightly better performance (e.g., of the phpass
"portable hashes", which are MD5-based).

Alexander

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ