Mandriva Linux Security Advisory : python-pycrypto (MDVSA-2013:120)
Medium Nessus Plugin ID 66132
SynopsisThe remote Mandriva Linux host is missing a security update.
DescriptionUpdated python-pycrypto package fixes security vulnerability :
PyCrypto before 2.6 does not produce appropriate prime numbers when using an ElGamal scheme to generate a key, which reduces the signature space or public key space and makes it easier for attackers to conduct brute-force attacks to obtain the private key (CVE-2012-2417).
Note: any ElGamal keys that have previously been generated by PyCrypto should be regenerated after installing this update.
SolutionUpdate the affected python-pycrypto package.