[tahoe-lafs-trac-stream] [tahoe-lafs] #2094: rebuild (if necessary) PyCrypto eggs to use libgmp >= 5, to mitigate RSA timing attack
tahoe-lafs
trac at tahoe-lafs.org
Thu Oct 17 14:54:00 UTC 2013
#2094: rebuild (if necessary) PyCrypto eggs to use libgmp >= 5, to mitigate RSA
timing attack
-------------------------------------------------+-------------------------
Reporter: daira | Owner:
Type: defect | Status: new
Priority: normal | Milestone:
Component: packaging | undecided
Keywords: pycrypto-lib libgmp rsa security | Version: 1.10.0
sftp packaging eggs | Launchpad Bug:
-------------------------------------------------+-------------------------
The !PyCrypto eggs at [https://tahoe-lafs.org/source/tahoe-lafs/deps
/tahoe-dep-eggs/] may need to be rebuilt against libgmp >= 5 in order to
mitigate a timing attack. I don't know what libgmp versions the eggs
currently hosted there are built against. See also #1586, which suppressed
the (mostly useless to end-users) warning about this.
--
Ticket URL: <https://tahoe-lafs.org/trac/tahoe-lafs/ticket/2094>
tahoe-lafs <https://tahoe-lafs.org>
secure decentralized storage
More information about the tahoe-lafs-trac-stream
mailing list