-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Reference: CERT-EU Security Advisory 2013-0083

Title: Vulnerability in python-crypto

Version history:
21.10.2013 Initial publication

Summary
=======
A cryptographic vulnerability was discovered in the pseudo random number generator in python-crypto. In some situations, a race condition could prevent the reseeding of the generator when multiple processes are forked from the same parent. This would lead it to generate identical output on all processes, which might leak sensitive values like cryptographic keys. [1]

Vulnerable systems
==================
python-crypto

What can you do?
================
We recommend that you upgrade your python-crypto packages.

What to tell your users?
========================
N/A

More information
================
[1] http://www.debian.org/security/2013/dsa-2781

Best regards,

CERT-EU Pre-configuration Team (http://cert.europa.eu)
Phone: +32.2.2990005 / e-mail: cert-eu@ec.europa.eu
PGP KeyID 0x46AC4383
FP: 9011 6BE9 D642 DD93 8348 DAFA 27A4 06CA 46AC 4383
Privacy Statement:
http://cert.europa.eu/cert/plainedition/en/cert_privacy.html

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQIcBAEBAgAGBQJSYUMuAAoJEPpzpNLI8SVobkQP/RSquXEIu9vsai1ujQEH9KRu
QsmdRZPXwNOZ4RBOT3MEPfPG1afO9799B47r+ChjXBufZUO3SQtDv2zDeLl6Bc6m
g4mtH/tPKc8hLBT19f+WZrBtDl+YfIKu7deWFzxvt3lAzzCGxJKWLX+p1ihk6Yci
u9iD6vXcv6hJLFcX77MT7Af+Mkw6iWhxNJTAwGJOd8OQSJYQIPuKjrV5XGooiRSN
X1cCbTe5grTK+HBqqZeXB8yvX0ThDno3dEzHcQWpTiBlPLI+nJDumY3B5k++oUU5
nPSMZLcccBk3FezXS07lXLAaOnTHe9C+xTT7j3mB5B/L7Gm1oHuz4bgo0vNNqOFt
Y6Lw3yug1vLkciaEwEepCzRXgoxsNmoFedJAkLVYw1F9ZFkYvfIBeTg1sE6hCaxw
/Kx7vMbTMXXYw4frTsu18E/HHJlDbRhAs+QYY9fOlWpfvhgzuGdBBzducTmkG2ZM
ZlQbMJPHixxmxddu+Z+EOKCSoimQp1GX3e9pMhQ74FFCXkn9EH2OBeznXFpBR2Rz
p0AVmyaJgEc+43KlzN8K5o2O9k9Cg/EUc7AAXtRyYD5MQ8r7cZNq2ac9wqfAdjOJ
br6BEUbh5WQD1AV/Zh7JMS5xffHcbsKPx4NHsFP5/ljB2s9EsIbq70ifKvlJ9GWQ
UIClMzzeFAQ4qICy4uVF
=nO8k
-----END PGP SIGNATURE-----