[Bug 1179380] Re: paste widget "password" generator uses (very) insecure randomness
mik
1179380 at bugs.launchpad.net
Mon Jul 22 23:50:08 UTC 2013
Last thing I heard was on oss-sec list:
Please use CVE-2013-2213 for KDE KRandom::random() CWE-334: Small
Space of Random Values.
So I guess patching KRandom to use qca::random (either using TLS or a
lock) would be the easy fix that would let people sleep at night.
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-2213
--
You received this bug notification because you are a member of Kubuntu
Bugs, which is subscribed to kdeplasma-addons in Ubuntu.
https://bugs.launchpad.net/bugs/1179380
Title:
paste widget "password" generator uses (very) insecure randomness
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/kdeplasma-addons/+bug/1179380/+subscriptions
More information about the kubuntu-bugs
mailing list