Register | Log in

ruby-bcrypt

Ruby binding for the bcrypt() password hashing algorithm

Choose email to subscribe with

general

source: ruby-bcrypt (main)
version: 3.1.22-1
maintainer: Debian Ruby Team (archive) (DMD)
uploaders: Cédric Boutillier [DMD]
arch: any
std-ver: 4.7.3
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 3.1.16-1
oldstable: 3.1.18-1
stable: 3.1.20-1
testing: 3.1.22-1
unstable: 3.1.22-1

versioned links

3.1.16-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.1.18-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.1.20-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.1.22-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

ruby-bcrypt

action needed

1 security issue in trixie high

There is 1 open security issue in trixie.

1 important issue:

CVE-2026-33306: bcrypt-ruby is a Ruby binding for the OpenBSD bcrypt() password hashing algorithm. Prior to version 3.1.22, an integer overflow in the Java BCrypt implementation for JRuby can cause zero iterations in the strengthening loop. Impacted applications must be setting the cost to 31 to see this happen. The JRuby implementation of bcrypt-ruby (`BCrypt.java`) computes the key-strengthening round count as a signed 32-bit integer. When `cost=31` (the maximum allowed by the gem), signed integer overflow causes the round count to become negative, and the strengthening loop executes **zero iterations**. This collapses bcrypt from 2^31 rounds of exponential key-strengthening to effectively constant-time computation — only the initial EksBlowfish key setup and final 64x encryption phase remain. The resulting hash looks valid (`$2a$31$...`) and verifies correctly via `checkpw`, making the weakness invisible to the application. This issue is triggered only when cost=31 is used or when verifying a `$2a$31$` hash. This problem has been fixed in version 3.1.22. As a workaround, set the cost to something less than 31.

Created: 2026-03-22 Last update: 2026-04-02 11:18

1 security issue in bullseye high

There is 1 open security issue in bullseye.

1 important issue:

CVE-2026-33306: bcrypt-ruby is a Ruby binding for the OpenBSD bcrypt() password hashing algorithm. Prior to version 3.1.22, an integer overflow in the Java BCrypt implementation for JRuby can cause zero iterations in the strengthening loop. Impacted applications must be setting the cost to 31 to see this happen. The JRuby implementation of bcrypt-ruby (`BCrypt.java`) computes the key-strengthening round count as a signed 32-bit integer. When `cost=31` (the maximum allowed by the gem), signed integer overflow causes the round count to become negative, and the strengthening loop executes **zero iterations**. This collapses bcrypt from 2^31 rounds of exponential key-strengthening to effectively constant-time computation — only the initial EksBlowfish key setup and final 64x encryption phase remain. The resulting hash looks valid (`$2a$31$...`) and verifies correctly via `checkpw`, making the weakness invisible to the application. This issue is triggered only when cost=31 is used or when verifying a `$2a$31$` hash. This problem has been fixed in version 3.1.22. As a workaround, set the cost to something less than 31.

Created: 2026-03-22 Last update: 2026-04-02 11:18

1 security issue in bookworm high

There is 1 open security issue in bookworm.

1 important issue:

CVE-2026-33306: bcrypt-ruby is a Ruby binding for the OpenBSD bcrypt() password hashing algorithm. Prior to version 3.1.22, an integer overflow in the Java BCrypt implementation for JRuby can cause zero iterations in the strengthening loop. Impacted applications must be setting the cost to 31 to see this happen. The JRuby implementation of bcrypt-ruby (`BCrypt.java`) computes the key-strengthening round count as a signed 32-bit integer. When `cost=31` (the maximum allowed by the gem), signed integer overflow causes the round count to become negative, and the strengthening loop executes **zero iterations**. This collapses bcrypt from 2^31 rounds of exponential key-strengthening to effectively constant-time computation — only the initial EksBlowfish key setup and final 64x encryption phase remain. The resulting hash looks valid (`$2a$31$...`) and verifies correctly via `checkpw`, making the weakness invisible to the application. This issue is triggered only when cost=31 is used or when verifying a `$2a$31$` hash. This problem has been fixed in version 3.1.22. As a workaround, set the cost to something less than 31.

Created: 2026-03-22 Last update: 2026-04-02 11:18

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.7.4 instead of 4.7.3).

Created: 2026-03-31 Last update: 2026-03-31 15:01

news

[2026-04-03] ruby-bcrypt 3.1.22-1 MIGRATED to testing (Debian testing watch)
[2026-03-22] Accepted ruby-bcrypt 3.1.22-1 (source) into unstable (Simon Quigley)
[2026-03-15] ruby-bcrypt 3.1.21-1 MIGRATED to testing (Debian testing watch)
[2026-02-10] Accepted ruby-bcrypt 3.1.21-1 (source) into unstable (Simon Quigley)
[2024-11-23] ruby-bcrypt 3.1.20-1 MIGRATED to testing (Debian testing watch)
[2024-11-20] Accepted ruby-bcrypt 3.1.20-1 (source) into unstable (Jérôme Charaoui)
[2023-02-09] ruby-bcrypt 3.1.18-1 MIGRATED to testing (Debian testing watch)
[2023-02-05] Accepted ruby-bcrypt 3.1.18-1 (source) into unstable (Cédric Boutillier)
[2022-05-07] ruby-bcrypt 3.1.17-1 MIGRATED to testing (Debian testing watch)
[2022-05-05] Accepted ruby-bcrypt 3.1.17-1 (source) into unstable (Cédric Boutillier)
[2020-12-30] ruby-bcrypt 3.1.16-1 MIGRATED to testing (Debian testing watch)
[2020-12-27] Accepted ruby-bcrypt 3.1.16-1 (source) into unstable (Cédric Boutillier)
[2020-09-02] ruby-bcrypt 3.1.15-2 MIGRATED to testing (Debian testing watch)
[2020-08-28] Accepted ruby-bcrypt 3.1.15-2 (source) into unstable (Cédric Boutillier)
[2020-07-31] Accepted ruby-bcrypt 3.1.15-1 (source) into unstable (Cédric Boutillier)
[2020-02-21] ruby-bcrypt 3.1.13-2 MIGRATED to testing (Debian testing watch)
[2020-02-19] Accepted ruby-bcrypt 3.1.13-2 (source) into unstable (Lucas Kanashiro)
[2020-01-28] Accepted ruby-bcrypt 3.1.13-1 (source) into unstable (Cédric Boutillier)
[2018-10-02] ruby-bcrypt 3.1.12-1 MIGRATED to testing (Debian testing watch)
[2018-09-30] Accepted ruby-bcrypt 3.1.12-1 (source) into unstable (Cédric Boutillier)
[2016-05-11] ruby-bcrypt 3.1.11-1 MIGRATED to testing (Debian testing watch)
[2016-05-05] Accepted ruby-bcrypt 3.1.11-1 (source) into unstable (Christian Hofstaedtler)
[2015-06-27] ruby-bcrypt 3.1.10-1 MIGRATED to testing (Britney)
[2015-06-21] Accepted ruby-bcrypt 3.1.10-1 (source amd64) into unstable (Cédric Boutillier)
[2015-05-02] Accepted ruby-bcrypt 3.1.10-1~exp1 (source amd64) into experimental (Cédric Boutillier)
[2014-04-10] ruby-bcrypt 3.1.7-2 MIGRATED to testing (Debian testing watch)
[2014-04-04] Accepted ruby-bcrypt 3.1.7-2 (source amd64) (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2014-03-10] ruby-bcrypt 3.1.7-1 MIGRATED to testing (Debian testing watch)
[2014-03-04] Accepted ruby-bcrypt 3.1.7-1 (source amd64) (Cédric Boutillier)
[2013-12-19] ruby-bcrypt 3.1.2-2 MIGRATED to testing (Debian testing watch)

1
2

bugs [bug history graph]

all: 0

links

homepage
lintian
buildd: logs, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker
debian patches
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 3.1.21-1

Debian Package Tracker — Copyright 2013-2025 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Bugs — Git Repository — Contributing