-
python-crypto (2.0.1+dfsg1-4ubuntu2.2) lucid-security; urgency=low
* SECURITY UPDATE: incorrect ElGamal key generation
- debian/patches/CVE-2012-2417.patch: generate safe prime numbers in
PublicKey/ElGamal.py, backport getRandomRange() to Util/number.py.
- CVE-2012-2417
-- Marc Deslauriers <email address hidden> Thu, 28 Jun 2012 09:20:19 -0400
-
python-crypto (2.0.1+dfsg1-4ubuntu2) lucid; urgency=low
* Build-depend on python-old-doctools instead of python2.5-dev.
-- Matthias Klose <email address hidden> Mon, 01 Feb 2010 18:38:00 +0100
-
python-crypto (2.0.1+dfsg1-4ubuntu1) karmic; urgency=low
* Merge from debian unstable (LP: #388002), remaining changes:
- Install the -dbg build using --install-layout=deb.
- The md5 module is deprecated in Python 2.6, use hashlib when possible.
- Explicitly use python2.5 to build the docs; the old doc tools are not
included in python2.6 anymore.
python-crypto (2.0.1+dfsg1-4) unstable; urgency=low
* Switched to quilt patches:
- errata-2.0.1.patch:
Syncs the source tree to the actually released 2.0.1 tarball.
- dfsg-adjust.patch:
Adjusts the build system to the DFSGified source, to deal with
the removed files.
- aes256-55bytes.patch:
Fixes the AES256 padding bug (Bug#474177).
- arc2-buffer-overflow.patch:
Fixes the ARC2 buffer overflow (Bug#516660).
- m68k-no-O3.patch:
Workaround GCC 4.0.1 ICE regarding -O3 on m68k. This patch is
deactived -- hopefully this is fixed in recent GCC.
* New patches:
- run-tests.patch:
Non-Debian part of the patch by Kees Cook <email address hidden>
to run test suite during build (closes: #518202).
- no-usr-local.patch:
Remove #!/usr/local/bin/python shebang line from Util/RFC1751.py.
* Run test suite during build.
* Added ${misc:Depends}.
* Added ${shlib:Depends} to python-crypto.
* Restored old changelog entries, which seem to got cut off between 2.
0.1+dfsg1-2.1 and 2.0.1+dfsg1-2.3 (by Matthias?).
* Typo fix for python-crypto-dbg description: python -> Python.
* Use ${binary:Version} instead of ${Source-Version}.
* Added debian/watch.
* Bump Standards-Version to 3.8.1:
- Added Homepage field to debian/control.
* Adjust copyright line in debian/copyright.
* Move python-crypto-dbg to section 'debug'.
* Add XB-Python-Version to python-crypto-dbg.
python-crypto (2.0.1+dfsg1-3) unstable; urgency=low
* Acknowlege NMUs.
* Apply fix for CVE-2009-0544 (Buffer overflow in the ARC2 module), and
a stand-alone version of the associated testcase (see
http://www.openwall.com/lists/oss-security/2009/02/07/1).
Closes: #516660.
-- Muharem Hrnjadovic <email address hidden> Tue, 16 Jun 2009 16:15:28 +0200