MDVSA-2013:241 -- Mandriva perl-Crypt-DSAID: oval:org.secpod.oval:def:1300226 | Date: (C)2013-11-01 (M)2022-10-10 |
Class: PATCH | Family: unix |
A vulnerability has been discovered and corrected in perl-Crypt-DSA: The Crypt::DSA module 1.17 and earlier for Perl, when /dev/random is absent, uses the Data::Random module, which makes it easier for remote attackers to spoof a signature, or determine the signing key of a signed message, via a brute-force attack . The updated packages have been patched to correct this issue.
Platform: |
Mandriva Enterprise Server 5.2 |