In pwgen, phonemes mode was found to have heavy bias and is enabled by default. A workaround is suggested to add an argument --insecure-phonemes (or -P). There seems to be a patch here saying it fixes most of the issues: http://marc.info/?l=oss-security&m=137049241132104&w=4 References: http://seclists.org/oss-sec/2013/q4/116 http://www.openwall.com/lists/oss-security/2012/01/17/12 http://marc.info/?l=oss-security&m=137049241132104&w=4
Created pwgen tracking bugs for this issue: Affects: fedora-all [bug 1020249] Affects: epel-all [bug 1020250]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.