Fedora 27 : python-crypto (2018-913c225b49)
Medium Nessus Plugin ID 107033
SynopsisThe remote Fedora host is missing a security update.
DescriptionThe textbook ElGamal implementation is not secure. PyCrypto and some other implementations use the wrong algorithm, which may lead to some information disclosure simply by looking at the encrypted text. For a full description, see https://github.com/dlitz/pycrypto/issues/253
This update includes a fix for this problem backported from pycryptodome.
Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
SolutionUpdate the affected python-crypto package.