Red Hat Bugzilla – Bug 1471816
CVE-2017-11343 chicken: Predictable symbol table due to using default libc seed in PRNG
Last modified: 2017-07-17 09:41:30 EDT
A flaw was found in CHICKEN Scheme symbol table randomization algorithm. The code that sets up the initial symbol table is run _before_ initializing the PRNG, which means the randomization factor uses the initial libc seed state. On most libc implementations this means the symbol table randomization factor is a constant value which does not differ between runs.
Created chicken tracking bugs for this issue:
Affects: epel-all [bug 1471818]
Affects: fedora-all [bug 1471817]