[Bug 2484583] New: CVE-2026-8647 perl-Crypt-ScryptKDF: Crypt::ScryptKDF for Perl uses insecure random number source when no CSPRNG module is available [fedora-all]

Wed, 03 Jun 2026 16:25:08 -0700 

https://bugzilla.redhat.com/show_bug.cgi?id=2484583

            Bug ID: 2484583
           Summary: CVE-2026-8647 perl-Crypt-ScryptKDF: Crypt::ScryptKDF
                    for Perl uses insecure random number source when no
                    CSPRNG module is available [fedora-all]
           Product: Fedora
           Version: rawhide
            Status: NEW
        Whiteboard: {"flaws": ["7fa9feb6-f837-4145-be81-e118cd58c7b4"]}
         Component: perl-Crypt-ScryptKDF
          Keywords: Security, SecurityTracking
          Severity: medium
          Priority: medium
          Assignee: [email protected]
          Reporter: [email protected]
        QA Contact: [email protected]
                CC: [email protected], [email protected]
            Blocks: 2481746
  Target Milestone: ---
    Classification: Fedora



Disclaimer: Community trackers are created by Red Hat Product Security team on
a best effort basis. Package maintainers are required to ascertain if the flaw
indeed affects their package, before starting the update process.


-- 
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2484583

Report this comment as SPAM: 
https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-spam&short_desc=Report%20of%20Bug%202484583%23c0

-- 
_______________________________________________
perl-devel mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam, report it: 
https://forge.fedoraproject.org/infra/tickets/issues/new

Reply via email to