PublicDate: 2007-07-03 18:30:00 UTC
Candidate: CVE-2007-3528
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3528
Description:
 The blowfish mode in DAR before 2.3.4 uses weak Blowfish-CBC cryptography
 by (1) discarding random bits by the blowfish::make_ivec function in
 libdar/crypto.cpp that results in predictable and repeating IV values, and
 (2) direct use of a password for keying, which makes it easier for
 context-dependent attackers to decrypt files.
Ubuntu-Description:
Notes:
Priority: untriaged
Discovered-by:
Assigned-to:
CVSS:

Bugs:
dapper_dar: ignored (reached end-of-life)
edgy_dar: needed (reached end-of-life)
feisty_dar: needed (reached end-of-life)
gutsy_dar: released (2.3.5-1)
hardy_dar: released (2.3.5-1)
intrepid_dar: released (2.3.5-1)
jaunty_dar: released (2.3.5-1)
karmic_dar: released (2.3.5-1)
devel_dar: released (2.3.5-1)
upstream_dar: needs-triage