exploitDog

SUSE-SU-2024:0585-1

Опубликовано: 22 фев. 2024

Источник: suse-cvrf

Описание

Security update for python-pycryptodome

This update for python-pycryptodome fixes the following issues:

CVE-2023-52323: Fixed side-channel leakage in RSA decryption by using constant-time (faster) padding decoding for OAEP (bsc#1218564).

Список пакетов

SUSE Linux Enterprise Module for Public Cloud 15 SP2

python3-pycryptodome-3.9.0-150100.3.6.1

Ссылки

https://www.suse.com/support/update/announcement/2024/suse-su-20240585-1/
Link for SUSE-SU-2024:0585-1
https://lists.suse.com/pipermail/sle-security-updates/2024-February/017991.html
E-Mail link for SUSE-SU-2024:0585-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1218564
SUSE Bug 1218564
https://www.suse.com/security/cve/CVE-2023-52323/
SUSE CVE CVE-2023-52323 page

Описание

PyCryptodome and pycryptodomex before 3.19.1 allow side-channel leakage for OAEP decryption, exploitable for a Manger attack.

Затронутые продукты

SUSE Linux Enterprise Module for Public Cloud 15 SP2:python3-pycryptodome-3.9.0-150100.3.6.1

Ссылки

https://www.suse.com/security/cve/CVE-2023-52323.html
CVE-2023-52323
https://bugzilla.suse.com/1218564
SUSE Bug 1218564
https://bugzilla.suse.com/1226977
SUSE Bug 1226977