GitHub ayaa ka xannibtay furayaasha SSH isticmaaleyaasha macaamiisha Git ee adeegsada maktabadda furaha JavaScript si ay u soo saaraan furayaasha. Tusaale ahaan, furayaasha macmiilka Git GitKraken waa la xannibay. Nuglaanta waxay keentaa abuurista furayaasha RSA ee la saadaalin karo sababtoo ah qalad si weyn u yareynaya tayada entropy marka la abuurayo isku xigxiga furayaasha. Arrinta waxaa lagu go'aamiyay furaha 1.0.4 iyo GitKraken 8.0.1 siidaynta.
Sababta u nuglaanshaha waxay ahayd isticmaalka "b.putByte(String.fromCharCode(xiga & 0xFF))" wac inta lagu guda jiro habka samaynta muhiimka ah, inkastoo xaqiiqda ah in kaCharCode habka mar kale loogu yeedhay habka putByte. Ka soo wacida CharCode laba jeer ("String.fromCharCode( String.fromCharCode(xiga & 0xFF)") waxay keentay in badi kaydka entropy lagu buuxiyo eber, i.e. furaha waxaa la soo saaray iyadoo lagu salaynayo xogta "random", 97% oo ka kooban eber.
Source: opennet.ru