You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa python-rsa

Sigurnosni nedostaci programskog paketa python-rsa

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

——————————————————————————–
Fedora Update Notification
FEDORA-2016-70edfbbcef
2016-01-21 21:59:51.221200
——————————————————————————–

Name : python-rsa
Product : Fedora 23
Version : 3.3
Release : 2.fc23
URL : http://stuvel.eu/rsa
Summary : Pure-Python RSA implementation
Description :
Python-RSA is a pure-Python RSA implementation. It supports encryption
and decryption, signing and verifying signatures, and key generation
according to PKCS#1 version 1.5. It can be used as a Python library as
well as on the command-line.

——————————————————————————–
Update Information:

Fix for CVE-2016-1494
——————————————————————————–
References:

[ 1 ] Bug #1295871 – CVE-2016-1494 python-rsa: Signature forgery using Bleichenbacher’06 attack [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1295871
[ 2 ] Bug #1295870 – CVE-2016-1494 python-rsa: Signature forgery using Bleichenbacher’06 attack [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1295870
[ 3 ] Bug #1298335 – python-rsa-3.2.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1298335
[ 4 ] Bug #1297222 – Old version with security issues, please approve ACL
https://bugzilla.redhat.com/show_bug.cgi?id=1297222
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update python-rsa’ at the command line.
For more information, refer to “Managing Software with yum”,
available at https://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2016-c845706426
2016-01-23 22:24:31.906836
--------------------------------------------------------------------------------

Name        : python-rsa
Product     : Fedora 22
Version     : 3.3
Release     : 2.fc22
URL         : http://stuvel.eu/rsa
Summary     : Pure-Python RSA implementation
Description :
Python-RSA is a pure-Python RSA implementation. It supports encryption
and decryption, signing and verifying signatures, and key generation
according to PKCS#1 version 1.5. It can be used as a Python library as
well as on the command-line.

--------------------------------------------------------------------------------
Update Information:

Fix for CVE-2016-1494
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1295871 - CVE-2016-1494 python-rsa: Signature forgery using Bleichenbacher'06 attack [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1295871
  [ 2 ] Bug #1295870 - CVE-2016-1494 python-rsa: Signature forgery using Bleichenbacher'06 attack [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1295870
  [ 3 ] Bug #1298335 - python-rsa-3.2.3 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1298335
  [ 4 ] Bug #1297222 - Old version with security issues, please approve ACL
        https://bugzilla.redhat.com/show_bug.cgi?id=1297222
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program. Use
su -c 'yum update python-rsa' at the command line.
For more information, refer to "Managing Software with yum",
available at https://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
AutorMarko Stanec
Cert idNCERT-REF-2016-01-0041-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
Izvorhttp://www.adobe.com/
Top
More in Preporuke
Sigurnosni propust programskog paketa rsync

Otkriven je sigurnosni propust u programskom paketu rsync za Fedoru. Propust potencijalnom udaljenom napadaču omogućuje pisanje po proizvoljnim datotekama pomoću...

Close