LinuxSecurity.com: Thomas Biege discovered that the upstream fix for the weak random number generator released in DSA-1544-1 was incomplete: Source port randomization did still not use difficult-to-predict random numbers. This is corrected in this security update.
Original Source: http://www.linuxsecurity.com/content/view/139935?rdf
