[PXB-490] LP #1643949: CVE-2016-6225: xbcrypt/xtrabackup encryption is not setting the IV correctly - Percona JIRA

XML

Word

Printable

Details

Type: Bug
Status: Done
Priority: High
Resolution: Fixed
Affects Version/s: None
Fix Version/s: None
Component/s: None
Labels:
- migratedfromlp

Description

**Reported in Launchpad by Sergei Glushchenko last update 13-01-2017 09:55:04

xbcrypt is not setting the IV correctly (and thus is not using an IV)
This causes the same ciphertext to be generated across different runs (for the
same message/same key). The IV provides the extra randomness to ensure
that the same ciphertext is not generated across runs

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: lpjirasync (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 19/Jan/18 12:28 PM

Updated:: 19/Jan/18 12:29 PM

Resolved:: 19/Jan/18 12:29 PM