| Package | libdata-entropy-perl |
|---|---|
| Version | 0.007-3.1+deb11u1~deb10u1 (buster) |
| Related CVEs | CVE-2025-1860 |
The perl module Data::Entropy was using the cryptographically insecure rand() function as the default entropy source.
For Debian 10 buster, these problems have been fixed in version 0.007-3.1+deb11u1~deb10u1.
We recommend that you upgrade your libdata-entropy-perl packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.