commit cd10f409d91b5a9bbaaa319a196a71f1d4686612 Author: agix columbeff@gmail.com Date: Tue Mar 24 15:11:08 2020 +0100

Fixed the insecure pseudorandom generator for selecting captcha

Signed-off-by: Philipp Winter phw@nymity.ch --- bridgedb/captcha.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bridgedb/captcha.py b/bridgedb/captcha.py index 2bdf6b9..adc1c46 100644 --- a/bridgedb/captcha.py +++ b/bridgedb/captcha.py @@ -389,7 +389,7 @@ class GimpCaptcha(Captcha): and a challenge string (used for checking the client's solution). """ try: - imageFilename = random.choice(os.listdir(self.cacheDir)) + imageFilename = random.SystemRandom().choice(os.listdir(self.cacheDir)) imagePath = os.path.join(self.cacheDir, imageFilename) with open(imagePath, 'rb') as imageFile: self.image = imageFile.read()