Ticket #1081 (fixed bug)
openssl_random_pseudo_bytes() is not cryptographically secure
- Created: 2016-02-24 02:52:09
- Reported by: Visman
- Assigned to: Franz
- Milestone: 1.5.11
- Component: security
- Priority: normal
srand.php
if (function_exists('openssl_random_pseudo_bytes') &&
(version_compare(PHP_VERSION, '5.3.4') >= 0 ||
But the bug has been fixed in version 5.6.10 only https://bugs.php.net/bug.php?id=70014
History
Franz 2018-07-17 22:02:33

- Owner set to nsuchy.
Let's fix this by changing the version_compare() call accordingly.
The bug was fixed in 5.4 and 5.5 as well. Just search for "70014" on this PHP changelog.