[CVE-2012-2146] The 'acts_as_encrypted' feature of Elixir does not correctly initialize the random seed for the Blowfish encryption algorithm, and is therefore insecure. This option adds a new optional AES mode which does not suffer this problem, plus a warning is now printed when insecure Blowfish encryption is used.

This update has been submitted for testing by dcallagh.

7 years ago

This update is currently being pushed to the Fedora EPEL 5 testing updates repository.

7 years ago

This update is currently being pushed to the Fedora EPEL 5 testing updates repository.

7 years ago

This update has been pushed to testing

7 years ago

This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes

7 years ago

This update has been submitted for stable by dcallagh.

7 years ago

This update is currently being pushed to the Fedora EPEL 5 stable updates repository.

7 years ago

This update is currently being pushed to the Fedora EPEL 5 stable updates repository.

7 years ago

This update is currently being pushed to the Fedora EPEL 5 stable updates repository.

7 years ago

This update has been pushed to stable

7 years ago

Please login to add feedback.

Metadata
Type
security
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
disabled
Stable by Time
disabled
Dates
submitted
7 years ago
in testing
7 years ago
in stable
7 years ago
BZ#810013 CVE-2012-2146 python-elixir: weak use of crypto can leak information
0
0
BZ#923221 CVE-2012-2146 python-elixir: weak use of crypto can leak information [epel-5]
0
0

Automated Test Results