Security Advisories (2)
CPANSA-Crypt-Random-2024-001

The makerandom program that comes with Crypt::Random adds module search paths in its shebang line, which can lead to unexpected modules being loaded.

CVE-2025-1828 (2025-03-11)

The Crypt::Random Perl package, versions 1.05 through 1.55, may use the rand() function, which is not cryptographically strong, for cryptographic functions. If the Provider is not specified and neither /dev/urandom nor an Entropy Gathering Daemon (egd) service is available, Crypt::Random will default to the insecure Crypt::Random::rand provider. In particular, Windows versions of Perl will encounter this issue by default.

Changes for version 1.52

  • Add a chi-square statistical test (t/chisquare.t).
  • Uniform can be passed to the constructor of Crypt::Random::Generator. This should be the default, and will likely be in the next release.
  • Fixed minor bugs & typos.

Modules

Cryptographically Secure, True Random Number Generator.

Provides

in lib/Crypt/Random/Generator.pm
in lib/Crypt/Random/Provider/File.pm
in lib/Crypt/Random/Provider/devrandom.pm
in lib/Crypt/Random/Provider/devurandom.pm
in lib/Crypt/Random/Provider/egd.pm
in lib/Crypt/Random/Provider/rand.pm