Bug 241718 (CVE-2007-2453) - CVE-2007-2453 /dev/random broken
Summary: CVE-2007-2453 /dev/random broken
Alias: CVE-2007-2453
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
Whiteboard: impact=important,source=vendorsec,rep...
Keywords: Security
Depends On:
TreeView+ depends on / blocked
Reported: 2007-05-29 19:11 UTC by Mark J. Cox
Modified: 2019-06-08 12:20 UTC (History)
4 users (show)

Clone Of:
Last Closed: 2007-11-07 19:50:16 UTC

Attachments (Terms of Use)
proposed patch (930 bytes, patch)
2007-05-29 19:15 UTC, Mark J. Cox
no flags Details | Diff

External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2007:0959 normal SHIPPED_LIVE Updated kernel packages for Red Hat Enterprise Linux 5 Update 1 2007-11-08 00:47:37 UTC

Comment 2 Mark J. Cox 2007-05-29 19:15:51 UTC
Created attachment 155620 [details]
proposed patch

Comment 4 RHEL Product and Program Management 2007-05-29 20:23:59 UTC
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release.  Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products.  This request is not yet committed for inclusion in an Update

Comment 12 Mark J. Cox 2007-05-30 11:01:13 UTC
fixes were committed into git:

Comment 14 RHEL Product and Program Management 2007-06-01 19:21:54 UTC
This request was evaluated by Red Hat Kernel Team for inclusion in a Red
Hat Enterprise Linux maintenance release, and has moved to bugzilla 
status POST.

Comment 15 Mark J. Cox 2007-06-12 13:29:24 UTC
removing embargo, issue is public.

Comment 16 Don Zickus 2007-06-12 18:46:46 UTC
in 2.6.18-24.el5
You can download this test kernel from http://people.redhat.com/dzickus/el5

Comment 18 Mike Gahagan 2007-07-31 17:16:28 UTC
Verified patch is in and we have been carrying it since it went into the
z-stream kernels.

Comment 20 errata-xmlrpc 2007-11-07 19:50:16 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.


Note You need to log in before you can comment on or make changes to this bug.