[Deepin Integration]~[v25-Release] fix(libcrypt-cbc-perl): CVE-2025-2814 by deepin-ci-robot@deepin-community/libcrypt-cbc-perl by deepin-community-ci-bot[bot]

[deepin-bot]

Package information | 软件包信息

包名	版本
libcrypt-cbc-perl	3.04-3deepin1

Package repository address | 软件包仓库地址

deb [trusted=yes] https://ci.deepin.com/repo/obs/deepin:/CI:/TestingIntegration:/test-integration-pr-3916/testing/ ./

Changelog | 更新信息

libcrypt-cbc-perl (3.04-3deepin1) unstable; urgency=medium

• Fix CVE-2025-2814: Use Crypt::URandom instead of insecure rand() for
  random bytes The _get_random_bytes function was using Perl's rand()
  function as a fallback when /dev/urandom is not available. This is
  cryptographically insecure. This patch replaces the fallback with
  Crypt::URandom which provides cryptographically secure random bytes.
  Also adds libcrypt-urandom-perl as a runtime dependency.

[deepin-bot]

Integration Test Info

Test suggestion | 测试建议

Influence | 影响范围

ADDITIONAL INFORMATION | 额外补充

[deepin-bot]

IntegrationProjector Notify the author
@deepin: Integrated issue updated

[deepin-bot]

IntegrationProjector Bot
Deepin Testing Integration Project Manager Info
Link to deepin-community/Repository-Integration#3916