reseed(8) performs HTTP fetch of data from random.org
Bug #804594 reported by
Jeffrey Walton
This bug affects 2 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
reseed (Ubuntu) |
Triaged
|
Low
|
Unassigned |
Bug Description
reseed(8) performs an insecure HTTP fetch of data from random.org. The script is automatically executed when installed, and any time the user chooses to execute. In addition, the reseed man pages do not mention the data is retrieved over an insecure channel.
CVE References
To post a comment you must log in.
Have subscribed the security team to see if anyone there wants to chime in