Lintian Reports

E obsolete-des-encryption

All reports of obsolete-des-encryption for the archive. The extended description of this tag is:

The listed ELF binary appears to use a C library function that

     performs DES encryption and/or decryption (encrypt,
     encrypt_r, setkey, and/or setkey_r).
     The DES block cipher can be broken by brute force on modern hardware,
     which makes any use of these functions insecure. Also, programs that
     use these functions cannot be linked against the
     provided by glibc 2.28 and higher.
     The program will need to be revised to use modern cryptographic
     primitives and protocols. Depending on how the program uses these
     functions, it may be necessary to continue using DES under some
     circumstances (e.g. for protocol compatibility, or to retain the
     ability to decrypt old data on disk) but this should be done using
     the DES functions in a modern cryptographic library
     (e.g. libgcrypt).
     This is almost certainly an upstream bug, and should be addressed
     in coordination with the upstream maintainers of the software.
     A false positive for this check is possible if the binary expects the
     definition of encrypt, encrypt_r, setkey,
     and/or setkey_r to come from some shared library other than, and that shared library defines these
     functions to do something other than perform DES encryption. If this
     is the case it is appropriate to override this tag.

Severity: important, Certainty: possible

Check: binaries, Type: binary, udeb

Emitted (non-overridden): 4, overridden: 0, total: 4

The package names link to the relevant maintainer page and the corresponding report for the source package. The links go to the full maintainer report page, which includes info and experimental tags and overridden tags, rather than the default page that shows only errors and warnings.

cairo-dock-core 3.4.1-3 (binary) (Debian Cairo-dock Maintainers <>)

pidgin-librvp 0.9.7cvs-1.1 (binary) (Devin Carraway <>)