You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
pycrypto is no longer maintained and should not be used anymore. An alternative library is pycryptodome, which provides an alternative that is still maintained and suitable for the purposes of this library.
However, note that some functions, such as XOR, are no longer available in pycryptodome, so those should be replaced by something like bytes([a ^ b for a, b in zip(itertools.cycle(key), data)])
There is currently a security vulnerability in pycrypto, so changing this is essential:
╞════════════════════════════╤═══════════╤══════════════════════════╤══════════╡
│ package │ installed │ affected │ ID │
╞════════════════════════════╧═══════════╧══════════════════════════╧══════════╡
│ pycrypto │ 2.6.1 │ <=2.6.1 │ 35015 │
╞══════════════════════════════════════════════════════════════════════════════╡
│ Heap-based buffer overflow in the ALGnew function in block_templace.c in │
│ Python Cryptography Toolkit (aka pycrypto) 2.6.1 allows remote attackers to │
│ execute arbitrary code as demonstrated by a crafted iv parameter to │
│ cryptmsg.py. │
╘══════════════════════════════════════════════════════════════════════════════╛
The text was updated successfully, but these errors were encountered:
pycrypto is no longer maintained and should not be used anymore. An alternative library is pycryptodome, which provides an alternative that is still maintained and suitable for the purposes of this library.
However, note that some functions, such as XOR, are no longer available in pycryptodome, so those should be replaced by something like
bytes([a ^ b for a, b in zip(itertools.cycle(key), data)])
There is currently a security vulnerability in pycrypto, so changing this is essential:
The text was updated successfully, but these errors were encountered: