#31967: BridgeDB Server uses insecure pseudorandom generator for selecting
cached
captcha
------------------------------------+-----------------------------------
Reporter: willbarr | Owner: (none)
Type: defect | Status: needs_revision
Priority: Medium | Milestone:
Component: Circumvention/BridgeDB | Version: sbws: unspecified
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
------------------------------------+-----------------------------------
Changes (by dcf):
* status: needs_review => needs_revision
Comment:
It looks like the patch in comment:1 has some whitespace/indentation
problems. It might just be mangled by copy-and-paste. Try making a commit
in your local repo, and then run `git format-patch HEAD^!`. This will
create a patch file that you can attach and avoid any problems with
pasting into a text field.
It looks like you need to revise the patch to remove the `random.choice`
line, since you added the `random.SystemRandom().choice` replacement.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/31967#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
[email protected]
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs
