Описание
Security update for python-M2Crypto
This update for python-M2Crypto fixes the following issues:
- CVE-2020-25657: Fixed Bleichenbacher timing attacks in the RSA decryption API (bsc#1178829).
Список пакетов
Image SLES12-SP5-Azure-BYOS
python3-M2Crypto-0.29.0-23.8.1
Image SLES12-SP5-Azure-Basic-On-Demand
python3-M2Crypto-0.29.0-23.8.1
Image SLES12-SP5-Azure-HPC-BYOS
python3-M2Crypto-0.29.0-23.8.1
Image SLES12-SP5-Azure-HPC-On-Demand
python3-M2Crypto-0.29.0-23.8.1
Image SLES12-SP5-Azure-SAP-BYOS
python3-M2Crypto-0.29.0-23.8.1
Image SLES12-SP5-Azure-SAP-On-Demand
python3-M2Crypto-0.29.0-23.8.1
Image SLES12-SP5-Azure-Standard-On-Demand
python3-M2Crypto-0.29.0-23.8.1
Image SLES12-SP5-EC2-BYOS
python3-M2Crypto-0.29.0-23.8.1
Image SLES12-SP5-EC2-ECS-On-Demand
python3-M2Crypto-0.29.0-23.8.1
Image SLES12-SP5-EC2-On-Demand
python3-M2Crypto-0.29.0-23.8.1
Image SLES12-SP5-EC2-SAP-BYOS
python3-M2Crypto-0.29.0-23.8.1
Image SLES12-SP5-EC2-SAP-On-Demand
python3-M2Crypto-0.29.0-23.8.1
Image SLES12-SP5-GCE-BYOS
python3-M2Crypto-0.29.0-23.8.1
Image SLES12-SP5-GCE-On-Demand
python3-M2Crypto-0.29.0-23.8.1
Image SLES12-SP5-GCE-SAP-BYOS
python3-M2Crypto-0.29.0-23.8.1
Image SLES12-SP5-GCE-SAP-On-Demand
python3-M2Crypto-0.29.0-23.8.1
SUSE Linux Enterprise Module for Public Cloud 12
python3-M2Crypto-0.29.0-23.8.1
SUSE Linux Enterprise Server 12 SP2-BCL
python-M2Crypto-0.29.0-23.8.1
python3-M2Crypto-0.29.0-23.8.1
SUSE Linux Enterprise Server 12 SP3-BCL
python-M2Crypto-0.29.0-23.8.1
python3-M2Crypto-0.29.0-23.8.1
SUSE Linux Enterprise Server 12 SP4-LTSS
python-M2Crypto-0.29.0-23.8.1
python3-M2Crypto-0.29.0-23.8.1
SUSE Linux Enterprise Server 12 SP5
python-M2Crypto-0.29.0-23.8.1
python3-M2Crypto-0.29.0-23.8.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4
python-M2Crypto-0.29.0-23.8.1
python3-M2Crypto-0.29.0-23.8.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
python-M2Crypto-0.29.0-23.8.1
python3-M2Crypto-0.29.0-23.8.1
SUSE OpenStack Cloud 9
python-M2Crypto-0.29.0-23.8.1
python3-M2Crypto-0.29.0-23.8.1
SUSE OpenStack Cloud Crowbar 9
python-M2Crypto-0.29.0-23.8.1
python3-M2Crypto-0.29.0-23.8.1
Ссылки
- Link for SUSE-SU-2022:2527-1
- E-Mail link for SUSE-SU-2022:2527-1
- SUSE Security Ratings
- SUSE Bug 1178829
- SUSE CVE CVE-2020-25657 page
Описание
A flaw was found in all released versions of m2crypto, where they are vulnerable to Bleichenbacher timing attacks in the RSA decryption API via the timed processing of valid PKCS#1 v1.5 Ciphertext. The highest threat from this vulnerability is to confidentiality.
Затронутые продукты
Image SLES12-SP5-Azure-BYOS:python3-M2Crypto-0.29.0-23.8.1
Image SLES12-SP5-Azure-Basic-On-Demand:python3-M2Crypto-0.29.0-23.8.1
Image SLES12-SP5-Azure-HPC-BYOS:python3-M2Crypto-0.29.0-23.8.1
Image SLES12-SP5-Azure-HPC-On-Demand:python3-M2Crypto-0.29.0-23.8.1
Ссылки
- CVE-2020-25657
- SUSE Bug 1178829
- SUSE Bug 1218044