[Bug 1179380] Re: paste widget "password" generator uses (very) insecure randomness
** Changed in: kdeplasma-addons (Debian) Status: New => Fix Released -- You received this bug notification because you are a member of Kubuntu Bugs, which is subscribed to kdeplasma-addons in Ubuntu. https://bugs.launchpad.net/bugs/1179380 Title: paste widget "password" generator uses (very) insecure randomness To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/kdeplasma-addons/+bug/1179380/+subscriptions -- kubuntu-bugs mailing list kubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/kubuntu-bugs
[Bug 1179380] Re: paste widget password generator uses (very) insecure randomness
raring has seen the end of its life and is no longer receiving any updates. Marking the raring task for this ticket as Won't Fix. ** Changed in: kdeplasma-addons (Ubuntu Raring) Status: Incomplete = Won't Fix -- You received this bug notification because you are a member of Kubuntu Bugs, which is subscribed to kdeplasma-addons in Ubuntu. https://bugs.launchpad.net/bugs/1179380 Title: paste widget password generator uses (very) insecure randomness To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/kdeplasma-addons/+bug/1179380/+subscriptions -- kubuntu-bugs mailing list kubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/kubuntu-bugs
[Bug 1179380] Re: paste widget password generator uses (very) insecure randomness
This issue has been rated low by the security team, so a fix for this issue will be bundled in the next security update that contains a medium or higher. Unsubscribing sponsors for now. -- You received this bug notification because you are a member of Kubuntu Bugs, which is subscribed to kdeplasma-addons in Ubuntu. https://bugs.launchpad.net/bugs/1179380 Title: paste widget password generator uses (very) insecure randomness To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/kdeplasma-addons/+bug/1179380/+subscriptions -- kubuntu-bugs mailing list kubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/kubuntu-bugs
[Bug 1179380] Re: paste widget password generator uses (very) insecure randomness
Last thing I heard was on oss-sec list: Please use CVE-2013-2213 for KDE KRandom::random() CWE-334: Small Space of Random Values. So I guess patching KRandom to use qca::random (either using TLS or a lock) would be the easy fix that would let people sleep at night. ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2013-2213 -- You received this bug notification because you are a member of Kubuntu Bugs, which is subscribed to kdeplasma-addons in Ubuntu. https://bugs.launchpad.net/bugs/1179380 Title: paste widget password generator uses (very) insecure randomness To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/kdeplasma-addons/+bug/1179380/+subscriptions -- kubuntu-bugs mailing list kubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/kubuntu-bugs
[Bug 1179380] Re: paste widget password generator uses (very) insecure randomness
now fixed upstream as bug 36a1fe49cb70f717c4a6e92c9186503a8dce -- You received this bug notification because you are a member of Kubuntu Bugs, which is subscribed to kdeplasma-addons in Ubuntu. https://bugs.launchpad.net/bugs/1179380 Title: paste widget password generator uses (very) insecure randomness To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/kdeplasma-addons/+bug/1179380/+subscriptions -- kubuntu-bugs mailing list kubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/kubuntu-bugs