[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

python-crypto / pycryptodome / CVE-2018-6594


According to the upstream bug report:

"This bug is prevalent. It exists in PyCryptodome and libgcrypt (if used
directly to encrypt messages)."

Anyone know what the connection is between these python libraries and
libgcrypt? Should libgcrypt be marked as vulnerable too?

I believe python-crypto / pycryptodome are native Python implementations
that don't use gcrypt, while gcrypt is a native C library that doesn't
use python-crypto / pycryptodome.

Brian May <brian@linuxpenguins.xyz>

Reply to: