pycryptodome 3.11.0+dfsg1-3ubuntu0.1 source package in Ubuntu
Changelog
pycryptodome (3.11.0+dfsg1-3ubuntu0.1) jammy-security; urgency=medium
* SECURITY UPDATE: side-channel leakage for OAEP decryption
- debian/patches/CVE-2023-52323-1.patch: fix side-channel leakage in
RSA decryption.
- debian/patches/CVE-2023-52323-2.patch: avoid changing signature of
RSA._decrypt() method if possible.
- debian/patches/CVE-2023-52323-3.patch: use constant-time (faster)
padding decoding also for OAEP.
- CVE-2023-52323
-- Marc Deslauriers <email address hidden> Fri, 12 Jan 2024 13:06:01 -0500
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Jammy
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- python
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Jammy | updates | main | misc | |
| Jammy | security | main | misc |
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| pycryptodome_3.11.0+dfsg1.orig.tar.xz | 1.7 MiB | 3aa7db9c780c08537522c3356da4790679df92cf6188e798f15d2e32fb0b7869 |
| pycryptodome_3.11.0+dfsg1-3ubuntu0.1.debian.tar.xz | 20.9 KiB | 6da495452eb5f5d3dde5d1048ec26d29de2c6b4cded7697a204ca00b3a37bd75 |
| pycryptodome_3.11.0+dfsg1-3ubuntu0.1.dsc | 2.4 KiB | e509df3324845db7dd06b9f847302ea2fbbd6a8282e3b090b9f8422781c52ff7 |
Available diffs
Binary packages built by this source
- python-pycryptodome-doc: cryptographic Python library (documentation)
PyCryptodome is a self-contained Python package of low-level
cryptographic primitives.
.
PyCryptodome is a fork of PyCrypto. It brings several enhancements
with respect to the last official version of PyCrypto (2.6.1),
for instance:
.
* Authenticated encryption modes (GCM, CCM, EAX, SIV, OCB)
* Accelerated AES on Intel platforms via AES-NI
* Elliptic curves cryptography (NIST P-256, P-384 and P-521 curves only)
* Better and more compact API (`nonce` and `iv` attributes for ciphers,
automatic generation of random nonces and IVs, simplified CTR cipher mode,
and more)
* SHA-3 (including SHAKE and cSHAKE XOFs), truncated SHA-512 and BLAKE2
hash algorithms
* Salsa20 and ChaCha20/XChaCha20 stream ciphers
* Poly1305 MAC
* ChaCha20-Poly1305 and XChaCha20-Poly1305 authenticated ciphers
* scrypt, bcrypt and HKDF derivation functions
* Deterministic (EC)DSA
* Password-protected PKCS#8 key containers
* Shamir's Secret Sharing scheme
* Random numbers get sourced directly from the OS (and not from a CSPRNG
in userspace)
* Cleaner RSA and DSA key generation (largely based on FIPS 186-4)
* Major clean ups and simplification of the code base
.
PyCryptodome is not a wrapper to a separate C library like *OpenSSL*.
To the largest possible extent, algorithms are implemented in pure Python.
Only the pieces that are extremely critical to performance (e.g. block ciphers)
are implemented as C extensions.
.
This is the documentation package.
- python3-pycryptodome: cryptographic Python library (Python 3)
PyCryptodome is a self-contained Python package of low-level
cryptographic primitives.
.
PyCryptodome is a fork of PyCrypto. It brings several enhancements
with respect to the last official version of PyCrypto (2.6.1),
for instance:
.
* Authenticated encryption modes (GCM, CCM, EAX, SIV, OCB)
* Accelerated AES on Intel platforms via AES-NI
* Elliptic curves cryptography (NIST P-256, P-384 and P-521 curves only)
* Better and more compact API (`nonce` and `iv` attributes for ciphers,
automatic generation of random nonces and IVs, simplified CTR cipher mode,
and more)
* SHA-3 (including SHAKE and cSHAKE XOFs), truncated SHA-512 and BLAKE2
hash algorithms
* Salsa20 and ChaCha20/XChaCha20 stream ciphers
* Poly1305 MAC
* ChaCha20-Poly1305 and XChaCha20-Poly1305 authenticated ciphers
* scrypt, bcrypt and HKDF derivation functions
* Deterministic (EC)DSA
* Password-protected PKCS#8 key containers
* Shamir's Secret Sharing scheme
* Random numbers get sourced directly from the OS (and not from a CSPRNG
in userspace)
* Cleaner RSA and DSA key generation (largely based on FIPS 186-4)
* Major clean ups and simplification of the code base
.
PyCryptodome is not a wrapper to a separate C library like *OpenSSL*.
To the largest possible extent, algorithms are implemented in pure Python.
Only the pieces that are extremely critical to performance (e.g. block ciphers)
are implemented as C extensions.
.
This is the Python 3 version of the package.
- python3-pycryptodome-dbgsym: debug symbols for python3-pycryptodome
