Amazon Linux AMI Security Advisory: ALAS-2013-243
Advisory Release Date: 2013-11-03 12:09 Pacific
Advisory Updated Date: 2014-09-16 21:51 Pacific
The Crypto.Random.atfork function in PyCrypto before 2.6.1 does not properly reseed the pseudo-random number generator (PRNG) before allowing a child process to access it, which makes it easier for context-dependent attackers to obtain sensitive information by leveraging a race condition in which a child process is created and accesses the PRNG within the same rate-limit period as another process.
Run yum update python-crypto to update your system.