Opened at 2011-11-17T22:50:31Z
Last modified at 2013-10-17T14:54:59Z
#1586 closed defect
"PowmInsecureWarning: Not using mpz_powm_sec" warning from PyCrypto — at Version 1
| Reported by: | davidsarah | Owned by: | somebody |
|---|---|---|---|
| Priority: | normal | Milestone: | eventually |
| Component: | packaging | Version: | 1.9.0b1 |
| Keywords: | pycrypto-lib libgmp security sftp | Cc: | |
| Launchpad Bug: |
Description (last modified by davidsarah)
This warning occurs when importing PyCrypto 2.4.1 (possibly depending on how the PyCrypto egg for the current platform was built):
/usr/local/lib/python2.6/dist-packages/pycrypto-2.4.1-py2.6-linux-x86_64.egg/Crypto/Util/number.py:57: PowmInsecureWarning: Not using mpz_powm_sec. You should rebuild using libgmp >= 5 to avoid timing attack vulnerability.
We probably just need to accelerate the programme to get rid of our dependency (via Twisted) on PyCrypto: http://twistedmatrix.com/trac/ticket/4633
Change History (1)
comment:1 Changed at 2011-11-17T22:52:27Z by davidsarah
- Description modified (diff)
Note: See
TracTickets for help on using
tickets.
