Re: RESEND: CVE Request: pwgen

[Kurt Seifried <kseifried () redhat com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 10/22/2013 05:39 PM, Michael Samuel wrote:
> On 23 October 2013 08:50, Solar Designer <solar () openwall com>
> wrote:
> > Michael, is the above correct?  If so, should Kurt reject
> > CVE-2013-4443? I think so.
>
> Yes, that was correct - if you generated 1 extremely long password 
> (rather than a ton of passwords) and made a histogram, there would
> be no bias.

Ok please REJECT CVE-2013-4443, not a vuln.

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.15 (GNU/Linux)

iQIcBAEBAgAGBQJSZylGAAoJEBYNRVNeJnmTKpsQAIrrnqvsrExNFw3xCjtbabGI
7/15Njx+WqWxECVlxWzvYs8POmojsV9lRKD9KOK31PTCOwc0hiMhE7lQQFS4JUIU
l+2XckTD9DgyTgK1X6ZStGTGb21WxzOMBlpLbDjx2h/1k5zKZOCReUdvpnkljJw2
OCv6cYegen5N4oQ6Q8apgCcGOXhm+fgL3iCxXoc0mif13E4gsZH3nGWluK39pCdN
y1vebI72jwHOKtSuU+0/CutYkhZkr3/+7tQn1jTLqOLjFyGjpdE+1Ow+V5ZnymzX
bDGLRzmIWS34F72i8mc+UW1Le8igVXdbuHbE7UNM/n72nFz/sWKtY3/t+BqpoHwl
qK3Rsf/ruOvCTfHPNw8bM1P0sWFJCoOWEY9G+p9gYQqHZPwsvhQ/1FX16wmWJ60l
tyOdQi4o4Hu8vhr/egthdujsbIp92kRyvNgoWXxDYjZD0nBxh2bYQ4tgTRYNWPDE
4gcxjEKNfJwwlzgVgbZMgHPNcewfz82HZZ82+HMc9UjvQjB+weum80dIiHNmjTPt
W6Pi7U5rNU8T4CIZkGB2Ow9vVKXc4AIH3RgvOASb5dAfeylp1NoPRvvjZMrFqcZE
5lpQxfj6AFq8QlwSyp3+C3xvWv/w3fBueJynWIPg6AoRrhxX+TjY8SYv2Q/YHJ+E
WVcByXDhVKtNhy5LQfHV
=KWYQ
-----END PGP SIGNATURE-----