Impact
This weakness allows the force decryption of locked text by hackers. The issue is NOT critical for non-secure applications, however may be critical in a situation where the highest levels of security are required. This issue ONLY affects v1.6 and does not affect anything pre-1.6. Upgrading to 1.7 is advised.
Patches
The vulnerability has been patched in release 1.7.
Workarounds
Currently there is no way to fix the issue without upgrading.
References
CWE-327
CWE-328
For more information
If you have any questions or comments about this advisory:
Impact
This weakness allows the force decryption of locked text by hackers. The issue is NOT critical for non-secure applications, however may be critical in a situation where the highest levels of security are required. This issue ONLY affects v1.6 and does not affect anything pre-1.6. Upgrading to 1.7 is advised.
Patches
The vulnerability has been patched in release 1.7.
Workarounds
Currently there is no way to fix the issue without upgrading.
References
CWE-327
CWE-328
For more information
If you have any questions or comments about this advisory: