Skip to content
GitLab
Projects Groups Snippets
  • /
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
  • Sign in
  • typo3 typo3
  • Project information
    • Project information
    • Activity
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
    • Locked Files
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Schedules
  • Deployments
    • Deployments
    • Environments
    • Releases
  • Packages and registries
    • Packages and registries
    • Container Registry
  • Analytics
    • Analytics
    • CI/CD
    • Insights
    • Repository
  • Activity
  • Graph
  • Jobs
  • Commits
Collapse sidebar
  • typo3typo3
  • typo3typo3
  • Repository
Switch branch/tag
  • typo3
  • ..
  • FieldControl
  • LinkPopup.php
Find file BlameHistoryPermalink
  • Oliver Hader's avatar
    [SECURITY] Avoid ambiguous HMAC results · 85d3e70d
    Oliver Hader authored Jul 28, 2020 and Oliver Hader's avatar Oliver Hader committed Jul 28, 2020
    Cryptographic hashes being calculated from and for query
    parameters must only be used for a specific use-case or
    scope in order to avoid resulting hashes being ambiguous.
    
    Resolves: #91689
    Releases: master, 10.4, 9.5
    Change-Id: I59ca16fe71e27195b98a822607aab564425d248d
    Security-Bulletin: TYPO3-CORE-SA-2020-008
    Security-References: CVE-2020-15098
    Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/65125
    
    
    Tested-by: Oliver Hader's avatarOliver Hader <oliver.hader@typo3.org>
    Reviewed-by: Oliver Hader's avatarOliver Hader <oliver.hader@typo3.org>
    85d3e70d