GitHub yaletsa makiyi a SSH kwa ogwiritsa ntchito makasitomala a Git omwe amagwiritsa ntchito laibulale ya JavaScript kuti apange makiyi. Mwachitsanzo, makiyi a Git kasitomala GitKraken adatsekedwa. Kusatetezekaku kumabweretsa kupanga makiyi a RSA odziwikiratu chifukwa cha cholakwika chomwe chimachepetsa kwambiri mtundu wa entropy popanga makiyi otsatizana mwachisawawa. Nkhaniyi inakonzedwa mu keypair 1.0.4 ndi GitKraken 8.0.1 kumasulidwa.
Chifukwa chomwe chinali pachiwopsezo chinali kugwiritsa ntchito kuyimba kwa "b.putByte(String.fromCharCode(next & 0xFF))" panthawi yopanga makiyi, ngakhale njira ya fromCharCode idayitanidwanso mu njira ya putByte. Kuyimba kuchokera kuCharCode kawiri (βString.fromCharCode(String.fromCharCode(next & 0xFF)β) kudapangitsa kuti buffer yambiri ya entropy idzaze ndi ziro, mwachitsanzo. fungulo linapangidwa kutengera deta "mwachisawawa", 97% yokhala ndi ziro.
Source: opennet.ru