#1586 closed defect (somebody else's problem)
"PowmInsecureWarning: Not using mpz_powm_sec" warning from PyCrypto — at Version 7
| Reported by: | davidsarah | Owned by: | somebody |
|---|---|---|---|
| Priority: | normal | Milestone: | eventually |
| Component: | packaging | Version: | 1.9.0b1 |
| Keywords: | pycrypto-lib libgmp security sftp | Cc: | |
| Launchpad Bug: |
Description (last modified by zooko)
This warning occurs when importing PyCrypto 2.4.1 (possibly depending on how the PyCrypto egg for the current platform was built):
/usr/local/lib/python2.6/dist-packages/pycrypto-2.4.1-py2.6-linux-x86_64.egg/Crypto/Util/number.py:57: PowmInsecureWarning: Not using mpz_powm_sec. You should rebuild using libgmp >= 5 to avoid timing attack vulnerability.
We probably just need to accelerate the programme to get rid of our dependency (via Twisted) on PyCrypto: http://twistedmatrix.com/trac/ticket/4633
Change History (7)
comment:1 Changed at 2011-11-17T22:52:27Z by davidsarah
- Description modified (diff)
comment:2 Changed at 2012-04-01T04:36:31Z by davidsarah
- Milestone changed from undecided to eventually
- Priority changed from minor to normal
comment:3 Changed at 2012-05-14T04:10:34Z by david-sarah@…
comment:4 Changed at 2012-05-14T14:53:56Z by david-sarah <david-sarah@…>
In 4b80299fddd7ece4:
comment:5 Changed at 2012-05-14T21:40:43Z by david-sarah@…
comment:6 Changed at 2012-05-15T15:59:54Z by zooko
I reviewed 4b80299fddd7ece4 and saw no problem with it.
comment:7 Changed at 2013-10-10T19:25:47Z by zooko
- Description modified (diff)
- Resolution set to fixed
- Status changed from new to closed
This was apparently fixed by the warning-suppression patch [4b80299fddd7ece4].
Note: See
TracTickets for help on using
tickets.
In 4b80299fddd7ece4: