openSUSE-SU-2025:0123-1

See a problem?

Import Source

https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2025:0123-1.json

JSON Data

https://api.test.osv.dev/v1/vulns/openSUSE-SU-2025:0123-1

Related

CVE-2025-1860

Published

2025-04-16T14:02:07Z

Modified

2025-04-17T12:30:40.103851Z

Upstream

CVE-2025-1860

Summary

Security update for perl-Data-Entropy

Details

This update for perl-Data-Entropy fixes the following issues:

Updated to 0.8.0 (0.008):

see /usr/share/doc/packages/perl-Data-Entropy/Changes

Version 0.008; 2025-03-27:

* Use Crypt::URandom to seed the default algorithm with
  cryptographically secure random bytes instead of the builtin
  rand() function (boo#1240395, CVE-2025-1860).
* This module has been marked as deprecated.
* A security policy was added.
* Remove use of Module::Build.
* Updated maintainer information.

References

Affected packages

SUSE:Package Hub 15 SP6 / perl-Data-Entropy

Package

Name: perl-Data-Entropy
Purl: pkg:rpm/suse/perl-Data-Entropy&distro=SUSE%20Package%20Hub%2015%20SP6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.8.0-bp156.4.3.1

Ecosystem specific

{
    "binaries": [
        {
            "perl-Data-Entropy": "0.8.0-bp156.4.3.1"
        }
    ]
}

openSUSE:Leap 15.6 / perl-Data-Entropy

Package

Name: perl-Data-Entropy
Purl: pkg:rpm/opensuse/perl-Data-Entropy&distro=openSUSE%20Leap%2015.6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.8.0-bp156.4.3.1

Ecosystem specific

{
    "binaries": [
        {
            "perl-Data-Entropy": "0.8.0-bp156.4.3.1"
        }
    ]
}