Publishing details
Changelog
python-cryptography (3.3.2-1~20.04.sav4) focal; urgency=high
* SECURITY UPDATE: exposure of confidential data
- debian/patches/CVE-2023-50782.patch: update bindings in
src/_cffi_src/openssl/rsa.py to be compatible with new openssl version
1.1.1w-0ubuntu1~XX.04.sav2 (where XX is 16, 18, or 20), which fixes the
issue by changing PKCS#1 v1.5 RSA to return random output instead of an
exception when detecting wrong padding
- CVE-2023-50782
[ patch thanks to Jorge Sancho Larraz <email address hidden> ]
-- Rob Savoury <email address hidden> Mon, 04 Mar 2024 12:36:48 -0800
Builds
Built packages
-
python-cryptography
Python library exposing cryptographic recipes and primitives (Python 2)
-
python-cryptography-doc
Python library exposing cryptographic recipes and primitives (documentation)
-
python3-cryptography
Python library exposing cryptographic recipes and primitives (Python 3)
Package files