PyCrypto: Weak key generation PyCrypto generates weak ElGamal keys. pycrypto 2012-06-24 2012-06-24: 1 417625 remote 2.6 2.6

PyCrypto is the Python Cryptography Toolkit.

An error in the generate() function in ElGamal.py causes PyCrypto to generate weak ElGamal keys.

A remote attacker might be able to derive private keys.

There is no known workaround at this time.

All PyCrypto users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=dev-python/pycrypto-2.6"
CVE-2012-2417 ackle ackle