Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2012-2417

Published: 16 June 2012

PyCrypto before 2.6 does not produce appropriate prime numbers when using an ElGamal scheme to generate a key, which reduces the signature space or public key space and makes it easier for attackers to conduct brute force attacks to obtain the private key.

Priority

Medium

Status

Package Release Status
python-crypto
Launchpad, Ubuntu, Debian 		hardy Ignored
(end of life)
lucid
Released (2.0.1+dfsg1-4ubuntu2.2)
natty
Released (2.1.0-2ubuntu1.1)
oneiric
Released (2.3-2ubuntu0.1)
precise
Released (2.4.1-1ubuntu0.1)
upstream
Released (2.6)
Patches:
upstream: https://github.com/Legrandin/pycrypto/commit/9f912f13df99ad3421eff360d6a62d7dbec755c2
upstream: https://github.com/Legrandin/pycrypto/commit/8c94c6f5ce5f579e9b896f32bac5dd3ff639fb5c
upstream: https://github.com/Legrandin/pycrypto/commit/c575de4f1815137a5800076ca669da911f4fd84d
vendor: http://www.debian.org/security/2012/dsa-2502

References

Bugs

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Further reading