1. 3
  1.  

  2. 2

    PSA: don’t use pycrypto, use https://pypi.python.org/pypi/cryptography

    1. 2

      I believe this is a link with technical details of the attack: http://seclists.org/oss-sec/2016/q4/760

      1. 1

        The CVE they link is from 2013! Is there a patch that didn’t make it into this distro?

        1. 2

          Sometimes a CVE is backdated. It’s the time the bug was first identified, not when it was fixed.

          http://www.openwall.com/lists/oss-security/2016/12/27/8