Package name
python-pycrypto
Date
2013-04-10
Advisory ID
MDVSA-2013:120
Affected versions
MBS1 x86_64

Problem description

Updated python-pycrypto package fixes security vulnerability:

PyCrypto before 2.6 does not produce appropriate prime numbers when
using an ElGamal scheme to generate a key, which reduces the signature
space or public key space and makes it easier for attackers to conduct
brute force attacks to obtain the private key (CVE-2012-2417).

Note: any ElGamal keys that have previously been generated by PyCrypto
should be regenerated after installing this update.

Updated packages

MBS1 x86_64

 1e4f298ab96e08555e5314c8fa73d050  mbs1/x86_64/python-pycrypto-2.3-3.1.mbs1.x86_64.rpm 
 bd9a308fc11c45024117d57eed49d4ae  mbs1/SRPMS/python-pycrypto-2.3-3.1.mbs1.src.rpm

References