A flaw in PyCrypto allow remote attackers to obtain sensitive information.
|Package||dev-python/pycrypto on all architectures|
|Affected versions||<= 2.6.1-r2|
PyCrypto is the Python Cryptography Toolkit.
It was discovered that PyCrypto incorrectly generated ElGamal key parameters.
Attackers may be able to obtain sensitive information by reading ciphertext data.
There is no known workaround at this time.
Gentoo has discontinued support for PyCrypto. We recommend that users unmerge PyCrypto:
# emerge --unmerge “dev-python/pycrypto”
NOTE: The Gentoo developer(s) maintaining PyCrypto have discontinued support at this time. PyCryptodome is the canonical successor to PyCrypto.
July 31, 2020
July 31, 2020: 1