[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] CVE request: weak PRNG in GNU Classpath
From: Florian Weimer <fw () deneb ! enyo ! de>
Date: 2008-12-06 10:11:31
Message-ID: 87bpvpmx4c.fsf () mid ! deneb ! enyo ! de
[Download RAW message or body]
<http://gcc.gnu.org/bugzilla/show_bug.cgi?id=38417>
The random number generator in the gnu.java.security.util.PRNG class
of GNU Classpath version 0.97.2 and earlier produces only a limited
number of distinct byte streams, which may lead to guessable
cryptographic key material and similar vulnerabilities.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic