Mangelnde Fehlerbehandlung in python-cryptography
ID: | FEDORA-2016-e77c8c1f3b |
Distribution: | Fedora |
Plattformen: | Fedora 23 |
Datum: | Sa, 19. November 2016, 10:38 |
Referenzen: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9243 |
Applikationen: | PyCA cryptography |
Originalnachricht |
|
Name : python-cryptography Product : Fedora 23 Version : 1.5.3 Release : 3.fc23 URL : https://cryptography.io/en/latest/ Summary : PyCA's cryptography library Description : cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. -------------------------------------------------------------------------------- Update Information: Rebase to 1.5.3 to fix CVE-2016-9243 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1393432 - CVE-2016-9243 python-cryptography: HKDF might return an empty byte-string [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1393432 [ 2 ] Bug #1361916 - python-cryptography - Missing python2-subpackage https://bugzilla.redhat.com/show_bug.cgi?id=1361916 [ 3 ] Bug #1279263 - python-cryptography-vectors needs upgrade for the security bug https://bugzilla.redhat.com/show_bug.cgi?id=1279263 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade python-cryptography' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org |