[Bug 225379] sysutils/qtpass: Update to 1.2.1

Mon Jan 22 14:32:52 UTC 2018

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=225379

--- Comment #1 from Anne Jan Brouwer <brouwer at annejan.com> ---
The way QtPass prior to 1.2.1 generates passwords is insecure.
---

All passwords generated with QtPass's built-in password generator are possibly
predictable and enumerable by hackers. The generator used libc's random(),
seeded with srand(msecs), where msecs is not the msecs since 1970 (not that
that'd be secure anyway), but rather the msecs since the last second.
This means there are only 1000 different sequences of generated passwords.

All passwords that have been generated with QtPass prior to 1.2.1 should be
regenerated and changed.

* Insecure password generation #338 #342
* Version 1.2.0 leaks passwords #334
* When importing settings from 1.1.5 or older clipboard settings revert to No
Clipboard #232
* Add Catalan translation #336 (rbuj)

-- 
You are receiving this mail because:
You are the assignee for the bug.