Mandriva Linux Security Advisory : python-pycrypto (MDVSA-2012:117)
Medium Nessus Plugin ID 61968
SynopsisThe remote Mandriva Linux host is missing a security update.
DescriptionA vulnerability has been discovered and corrected in python-pycrypto :
PyCrypto before 2.6 does not produce appropriate prime numbers when using an ElGamal scheme to generate a key, which reduces the signature space or public key space and makes it easier for attackers to conduct brute-force attacks to obtain the private key (CVE-2012-2417).
The updated packages have been patched to correct this issue.
SolutionUpdate the affected python-pycrypto package.