Cryptographically Secure Pseudorandom Number Generator
Uncategorized Blog Posts
CSPR.NG is now on Version 2 (dev branch)
We've upgraded our server to PHP 7.1 and CSPR.NG is now on dev-master from Github.
This is just a notice in case something breaks.
How to Contribute to Airship, Even If You're Not a Security Expert
If you believe in our mission to make online publishing safer for everyone, you may have considered contributing to CMS Airship already. Whether you share our desire to see data breaches become less frequent or you seek some open source work to put on your resume to improve your employment prospects, there are a myriad of ways to get involved. We greatly welcome anything you feel you can contribute.
What follows are some things we'd specifically ask for if given a choice.
CMS Airship Version 1.3.0 Released
CMS Airship < 1.1.2 - Stored XSS Post-Mortem
Earlier today, a stored XSS vulnerability was reported by Lucas Reschke and fixed in version 1.1.2. Unfortunately, this news arrived at the same time as I discovered the auto-updater was refusing to run. If you've set up your own Airship already, you'll need to manually update to the latest version (
CMS Airship Version 1.1.0 is out! Get it while it's hot. If you've enabled
minor updates in your Bridge, this update should be applied automatically.
When we released version 1.0 earlier this week, we weren't counting on receiving as much great feedback from the community, and we certainly didn't expect anyone to contribute significantly enough to tag 1.1 so soon. I'm delighted to say, our expectations weren't high enough.
Let's dive into what's changed in version 1.1.0:
I'll keep this brief. Go read The PHP Security Platinum Standard: Raising the Bar with CMS Airship for the release announcement.
If you're looking for the place to sign up for a supplier account to make your own extensions, you want https://airship.paragonie.com instead. (Warning: kind of ugly, need to update the CSS when I get a chance.)
Otherwise, feel free to create an account here and enjoy your stay.
Airship Beta 3 Released
This should be the last beta release before we tag version 1.0.0. When 1.0.0 is tagged, Airship will be in the scope of our bug bounty on HackerOne.
Paragon Initiative Enterprises is a little different from most vendors: We can tolerate full disclosure. Any updates we release will be deployed, by default, within an hour of their availability.
Airship Beta 2 Released
Welcome to the Public Airship Beta
Welcome to the public CMS Airship beta.
This domain demonstrates unreleased, in-development features of our upcoming CMS. What you are seeing is the current
master branch. As soon as
v0.2.0 is released, we'll begin working on the features for
v0.3.0 and they'll be publicly visible here.