UbuntuUpdates.org

Package "python-cryptography"

Name: python-cryptography

Description:

Python library exposing cryptographic recipes and primitives (Python 2)

Latest version: 2.8-3ubuntu0.2
Release: focal (20.04)
Level: security
Repository: universe
Homepage: https://cryptography.io/

Links


Download "python-cryptography"


Other versions of "python-cryptography" in Focal

Repository Area Version
base main 2.8-3
base universe 2.8-3
security main 2.8-3ubuntu0.2
updates universe 2.8-3ubuntu0.2
updates main 2.8-3ubuntu0.2

Changelog

Version: 2.8-3ubuntu0.2 2023-12-06 17:06:55 UTC

  python-cryptography (2.8-3ubuntu0.2) focal-security; urgency=medium

  * SECURITY UPDATE: corrupted output via immutable objects
    - debian/patches/CVE-2023-23931.patch: don't allow update_into to
      mutate immutable objects in tests/hazmat/primitives/test_ciphers.py,
      src/cryptography/hazmat/backends/openssl/ciphers.py.
    - CVE-2023-23931

 -- Marc Deslauriers <email address hidden> Mon, 04 Dec 2023 15:04:00 -0500

Source diff to previous version
CVE-2023-23931 cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions `Cipher.update_into` wou

Version: 2.8-3ubuntu0.1 2020-11-03 15:07:17 UTC

  python-cryptography (2.8-3ubuntu0.1) focal-security; urgency=medium

  * SECURITY UPDATE: Bleichenbacher timing oracle attack
    - debian/patches/CVE-2020-25659.patch: Attempt to mitigate
      Bleichenbacher attacks on RSA decryption docs/spelling_wordlist.txt,
      src/cryptography/hazmat/backends/openssl/rsa.py.
    - CVE-2020-25659

 -- <email address hidden> (Leonidas S. Barbosa) Wed, 28 Oct 2020 13:10:56 -0300

CVE-2020-25659 bleichenbacher timing oracle attack against RSA decryption



About   -   Send Feedback to @ubuntu_updates