Last modified: 2011-08-23 15:25:05 UTC
Per http://www.php.net/archive/2011.php#id2011-08-22-1 it should be wise to blacklist PHP 5.3.7 because of an issue with MD5: https://bugs.php.net/bug.php?id=55439 : "If crypt() is executed with MD5 salts, the return value conists of the salt only. DES and BLOWFISH salts work as expected."
We don't use crypt(), so why would we need to?
If MediaWiki is not effected, this bug can closed as INVALID?
Resolving per comment 1 and 2 :)
crypt() is used by LDAP Auth, pinged Ryan Lane on extension's talk page.