Crypt::CBC Perl module 2.16 and earlier, when running in RandomIV mode, uses an initialization vector (IV) of 8 bytes, which results in weaker encryption when used with a cipher that requires a larger block size than 8 bytes, such as Rijndael.
Perl, please provide fixed ebuilds, thank you.
bumped to 2.17
arches, please test and mark stable, thanks
Stable on hppa & sparc (yeah i have an hppa box again).
Giving Alpha keywords for free.. who else wants another one ?
amd64 stable. ppc stable.
x86 stable.
ready for glsa vote. I tend to say yes - weak crypto is no funny thing.
stable on ppc64, too
I vote yes.
GLSA 200603-15 Thanks everybody