A "mathematical flaw" in the implementation of the El Gamal signature algorithm for LibTomCrypt 1.0 to 1.0.2 allows attackers to generate valid signatures without having the private key.Referenceshttps://exchange.xforce.ibmcloud.com/vulnerabilities/20455http://www.securiteam.com/unixfocus/5JP092AFPG.htmlhttp://www.osvdb.org/16188http://www.securityfocus.com/bid/13473http://secunia.com/advisories/15233http://www.securityfocus.org/archive/1/397649
