DescriptionPyCrypto before 2.6 does not produce appropriate prime numbers when using an ElGamal scheme to generate a key, which reduces the signature space or public key space and makes it easier for attackers to conduct brute force attacks to obtain the private key.
NVD CVSS v2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Note from the SUSE Security Teampython-crypto is only included starting SUSE Linux Enterprise 11 and will receive updates for this problem. SUSE Bugzilla entry: 764127 SUSE Security Advisories:
- SUSE-SU-2012:0869-1, published Fri, 27 Sep 2013 22:04:10 +0200 (CEST)
- openSUSE-SU-2012:0830-1, published Wed, 4 Jul 2012 09:09:44 +0200 (CEST)
List of released packages
|Product(s)||Fixed package version(s)||References|
|openSUSE 11.4|| ||Patchnames: |