Just a head up,
classpath's CVS already has a fix for this:
gnu/java/security/jce/prng/SecureRandomAdapter.java
gnu/javax/crypto/jce/prng/ARCFourRandomSpi.java
gnu/javax/crypto/jce/prng/CSPRNGSpi.java
gnu/javax/crypto/jce/prng/FortunaImpl.java
gnu/javax/crypto/jce/prng/ICMRandomSpi.java
gnu/jav
Source: classpath
Version: <= 0.97.2
Severity: grave
Tags: security
Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for classpath.
CVE-2008-5659[0]:
| The gnu.java.security.util.PRNG class in GNU Classpath 0.97.2 and
| earlier uses a predictable seed based on the syste
2 matches
Mail list logo
