Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 488630 (CVE-2013-1445) - <dev-python/pycrypto-2.6.1 : PRNG not correctly reseeded in some situations (CVE-2013-1445)
Summary: <dev-python/pycrypto-2.6.1 : PRNG not correctly reseeded in some situations (...
Alias: CVE-2013-1445
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
Whiteboard: B3 [noglsa]
Depends on:
Reported: 2013-10-19 18:29 UTC by Agostino Sarubbo
Modified: 2013-12-03 19:25 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Agostino Sarubbo gentoo-dev 2013-10-19 18:29:34 UTC
From ${URL} :

In PyCrypto before v2.6.1, the Crypto.Random PRNG exhibits a race condition that may cause it to 
generate the same 'random' output in multiple processes that are forked from each other. Depending 
on the application, this could reveal sensitive information or cryptographic keys to remote 

An application may be affected if, within 100 milliseconds, it performs the following steps (which 
may be summarized as "read-fork-read-read"):

1. Read from the Crypto.Random PRNG, causing an internal reseed;
2. Fork the process and invoke Crypto.Random.atfork() in the child;
3. Read from the Crypto.Random PRNG again, in at least two different processes (parent and child, 
or multiple children).

Only applications that invoke Crypto.Random.atfork() and perform the above steps are affected by 
this issue.  Other applications are unaffected.

git repo:
v2.6.1 tag id: ebb470d3f0982702e3e9b7fb9ebdaeed95903aaf
v2.6.1 commit id: 7fd528d03b5eae58eef6fd219af5d9ac9c83fa50


@maintainer(s): after the bump, in case we need to stabilize the package, please say explicitly if it is ready for the stabilization or not.
Comment 1 Dirkjan Ochtman (RETIRED) gentoo-dev 2013-10-20 08:55:11 UTC
+  20 Oct 2013; Dirkjan Ochtman <> +pycrypto-2.6.1.ebuild:
+  Version bump pycrypto for bug 488630.

This should be fine for stabilization.
Comment 2 GLSAMaker/CVETool Bot gentoo-dev 2013-10-28 16:17:46 UTC
CVE-2013-1445 (
  The Crypto.Random.atfork function in PyCrypto before 2.6.1 does not properly
  reseed the pseudo-random number generator (PRNG) before allowing a child
  process to access it, which makes it easier for context-dependent attackers
  to obtain sensitive information by leveraging a race condition in which a
  child process is created and accesses the PRNG within the same rate-limit
  period as another process.
Comment 3 Sergey Popov gentoo-dev 2013-10-28 16:19:02 UTC
(In reply to Dirkjan Ochtman from comment #1)
> +  20 Oct 2013; Dirkjan Ochtman <> +pycrypto-2.6.1.ebuild:
> +  Version bump pycrypto for bug 488630.
> This should be fine for stabilization.

Good. Arches, please test and mark stable =dev-python/pycrypto-2.6.1

Target keywords: alpha amd64 arm hppa ia64 ppc ppc64 sparc x86
Comment 4 Jeroen Roovers (RETIRED) gentoo-dev 2013-10-29 17:07:45 UTC
Stable for HPPA.
Comment 5 Agostino Sarubbo gentoo-dev 2013-10-31 15:55:34 UTC
amd64 / x86 stable
Comment 6 Agostino Sarubbo gentoo-dev 2013-11-01 18:11:26 UTC
ppc stable
Comment 7 Agostino Sarubbo gentoo-dev 2013-11-01 20:57:55 UTC
alpha stable
Comment 8 Agostino Sarubbo gentoo-dev 2013-11-02 07:33:20 UTC
ppc64 stable
Comment 9 Agostino Sarubbo gentoo-dev 2013-11-02 08:03:34 UTC
arm stable
Comment 10 Agostino Sarubbo gentoo-dev 2013-11-03 11:24:49 UTC
sparc stable
Comment 11 Agostino Sarubbo gentoo-dev 2013-11-12 20:13:48 UTC
ia64 stable.

Maintainer(s), please cleanup.
Security, please vote.
Comment 12 Dirkjan Ochtman (RETIRED) gentoo-dev 2013-11-12 21:21:01 UTC
Cleanup done.
Comment 13 Yury German Gentoo Infrastructure gentoo-dev 2013-11-13 06:51:36 UTC
Cleanup completed

Awaiting GLSA Vote
Comment 14 Sergey Popov gentoo-dev 2013-11-13 09:06:09 UTC
Thanks, everyone

GLSA vote: no
Comment 15 Chris Reffett (RETIRED) gentoo-dev Security 2013-12-03 19:25:32 UTC
GLSA vote: no. Closing noglsa.