Updated python-pycrypto packages fix CVE-2013-1445
Publication date: 25 Oct 2013Modification date: 25 Oct 2013
Type: security
Affected Mageia releases : 2 , 3
CVE: CVE-2013-1445
Description
Updated python-pycrypto package fixes security vulnerability: In PyCrypto before v2.6.1, the Crypto.Random pseudo-random number generator (PRNG) exhibits a race condition that may cause it to generate the same 'random' output in multiple processes that are forked from each other. Depending on the application, this could reveal sensitive information or cryptographic keys to remote attackers (CVE-2013-1445).
References
SRPMS
2/core
- python-pycrypto-2.3-2.2.mga2
3/core
- python-pycrypto-2.6-2.1.mga3