Paketname
python-pycrypto
Datum
2013-10-28
Advisory ID
MDVSA-2013:262
Betroffene Versionen
MBS1 x86_64

Problembeschreibung

Updated python-pycrypto package fixes security vulnerability:

In PyCrypto before v2.6.1, the Crypto.Random pseudo-random number
generator (PRNG) exhibits a race condition that may cause it to
generate the same 'random' output in multiple processes that are
forked from each other. Depending on the application, this could
reveal sensitive information or cryptographic keys to remote attackers
(CVE-2013-1445).

Aktualisierte Pakete

MBS1 x86_64

 9e1d85ee578d7784fe684789718b7a16  mbs1/x86_64/python-pycrypto-2.3-3.2.mbs1.x86_64.rpm 
 bb1eee393936c861ea88e56fe6cbe206  mbs1/SRPMS/python-pycrypto-2.3-3.2.mbs1.src.rpm

Referenzen