Explore top 10 tips to secure your open-source projects now. Read More
×Crypt::DSA is an implementation of the DSA (Digital Signature Algorithm)
signature verification system. This package provides DSA signing, signature
verification, and key generation.
DSA (Digital Signature Algorithm) signatures are no longer considered to be
adequate for security. This module should only be used for verifying old
signatures and should not be used for new signatures. That being said, some
technologies still require DSA signatures even now. Consider using other
solutions or explicitly not using DSA signatures. Crypt-DSA-GMP is a possible
replacement.
Update Information:
This update, to the current upstream release, addresses a cryptographic flaw (modulo bias) in key generation that could lead to private key compromise (CVE-2026-14570) .
* Fri Jul 3 2026 Paul Howarth
[ 1 ] Bug #2497529 - CVE-2026-14570 perl-Crypt-DSA: Crypt::DSA: Private key recovery due to biased random number generation [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2497529
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-b77b9c5f04' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
Get the latest Linux and open source security news straight to your inbox.