UbuntuUpdates.org

Package "python3-crypto-dbg"

Name: python3-crypto-dbg

Description:

cryptographic algorithms and protocols for Python 3 (debug extension)

Latest version: 2.6.1-6ubuntu0.16.04.3
Release: xenial (16.04)
Level: updates
Repository: main
Head package: python-crypto
Homepage: http://www.pycrypto.org/

Links


Download "python3-crypto-dbg"


Other versions of "python3-crypto-dbg" in Xenial

Repository Area Version
base main 2.6.1-6build1
security main 2.6.1-6ubuntu0.16.04.3

Changelog

Version: 2.6.1-6ubuntu0.16.04.3 2018-04-03 21:06:50 UTC

  python-crypto (2.6.1-6ubuntu0.16.04.3) xenial-security; urgency=medium

  * SECURITY UPDATE: weak ElGamal key parameters
    - debian/patches/CVE-2018-6594.patch: use backported fix from
      pycryptodome in lib/Crypto/PublicKey/ElGamal.py.
    - CVE-2018-6594

 -- Marc Deslauriers <email address hidden> Fri, 30 Mar 2018 11:18:44 -0400

Source diff to previous version
CVE-2018-6594 lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates weak ElGamal key parameters, which allows attackers to obtain sensitive informati

Version: 2.6.1-6ubuntu0.16.04.2 2017-02-17 20:06:39 UTC

  python-crypto (2.6.1-6ubuntu0.16.04.2) xenial-security; urgency=medium

  * Update CVE-2013-7459: Print a warning, rather than raise an exception.
    Thanks to Sebastian Ramacher. (Closes: #1665598)

 -- Emily Ratliff <email address hidden> Fri, 17 Feb 2017 09:35:46 -0600

Source diff to previous version
CVE-2013-7459 Heap-based buffer overflow in the ALGnew function in block_templace.c ...

Version: 2.6.1-6ubuntu0.16.04.1 2017-02-16 17:06:39 UTC

  python-crypto (2.6.1-6ubuntu0.16.04.1) xenial-security; urgency=medium

  * SECURITY UPDATE: throw exception when IV used with ECB or CTR
    - debian/patches/CVE-2013-7459.patch: force exception when IV used ECB/CTR
    - CVE-2013-7459.patch

 -- Emily Ratliff <email address hidden> Tue, 14 Feb 2017 16:05:02 -0600

CVE-2013-7459 Heap-based buffer overflow in the ALGnew function in block_templace.c ...



About   -   Send Feedback to @ubuntu_updates