Nom du paquet
python-pycrypto
Date
2013-10-28
Advisory ID
MDVSA-2013:262
Affected versions
MBS1 x86_64

Problem description

Updated python-pycrypto package fixes security vulnerability:

In PyCrypto before v2.6.1, the Crypto.Random pseudo-random number
generator (PRNG) exhibits a race condition that may cause it to
generate the same 'random' output in multiple processes that are
forked from each other. Depending on the application, this could
reveal sensitive information or cryptographic keys to remote attackers
(CVE-2013-1445).

Updated packages

MBS1 x86_64

 9e1d85ee578d7784fe684789718b7a16  mbs1/x86_64/python-pycrypto-2.3-3.2.mbs1.x86_64.rpm 
 bb1eee393936c861ea88e56fe6cbe206  mbs1/SRPMS/python-pycrypto-2.3-3.2.mbs1.src.rpm

References