Описание
Security update for python-cryptography
This update for python-cryptography fixes the following issues:
- CVE-2024-26130: Fixed NULL pointer dereference in pkcs12.serialize_key_and_certificates() (bsc#1220210).
Список пакетов
Image SLES15-SP4-BYOS-Azure
python311-cryptography-41.0.3-150400.16.15.1
Image SLES15-SP4-BYOS-EC2
python311-cryptography-41.0.3-150400.16.15.1
Image SLES15-SP4-HPC-BYOS
python311-cryptography-41.0.3-150400.16.15.1
Image SLES15-SP4-HPC-BYOS-Azure
python311-cryptography-41.0.3-150400.16.15.1
Image SLES15-SP4-HPC-BYOS-EC2
python311-cryptography-41.0.3-150400.16.15.1
Image SLES15-SP4-HPC-EC2
python311-cryptography-41.0.3-150400.16.15.1
Image SLES15-SP4-Hardened-BYOS-Azure
python311-cryptography-41.0.3-150400.16.15.1
Image SLES15-SP4-Hardened-BYOS-EC2
python311-cryptography-41.0.3-150400.16.15.1
Image SLES15-SP4-SAP
python311-cryptography-41.0.3-150400.16.15.1
Image SLES15-SP4-SAP-Azure
python311-cryptography-41.0.3-150400.16.15.1
Image SLES15-SP4-SAP-BYOS-Azure
python311-cryptography-41.0.3-150400.16.15.1
Image SLES15-SP4-SAP-BYOS-EC2
python311-cryptography-41.0.3-150400.16.15.1
Image SLES15-SP4-SAP-EC2
python311-cryptography-41.0.3-150400.16.15.1
Image SLES15-SP4-SAP-Hardened
python311-cryptography-41.0.3-150400.16.15.1
Image SLES15-SP4-SAP-Hardened-Azure
python311-cryptography-41.0.3-150400.16.15.1
Image SLES15-SP4-SAP-Hardened-BYOS
python311-cryptography-41.0.3-150400.16.15.1
Image SLES15-SP4-SAP-Hardened-BYOS-Azure
python311-cryptography-41.0.3-150400.16.15.1
Image SLES15-SP4-SAP-Hardened-BYOS-EC2
python311-cryptography-41.0.3-150400.16.15.1
Image SLES15-SP4-SAPCAL
python311-cryptography-41.0.3-150400.16.15.1
Image SLES15-SP4-SAPCAL-Azure
python311-cryptography-41.0.3-150400.16.15.1
Image SLES15-SP4-SAPCAL-EC2
python311-cryptography-41.0.3-150400.16.15.1
Image SLES15-SP5-Azure-3P
python311-cryptography-41.0.3-150400.16.15.1
Image SLES15-SP5-Azure-Basic
python311-cryptography-41.0.3-150400.16.15.1
Image SLES15-SP5-Azure-Standard
python311-cryptography-41.0.3-150400.16.15.1
Image SLES15-SP5-BYOS-Azure
python311-cryptography-41.0.3-150400.16.15.1
Image SLES15-SP5-BYOS-EC2
python311-cryptography-41.0.3-150400.16.15.1
Image SLES15-SP5-EC2
python311-cryptography-41.0.3-150400.16.15.1
Image SLES15-SP5-HPC-Azure
python311-cryptography-41.0.3-150400.16.15.1
Image SLES15-SP5-HPC-BYOS-Azure
python311-cryptography-41.0.3-150400.16.15.1
Image SLES15-SP5-HPC-BYOS-EC2
python311-cryptography-41.0.3-150400.16.15.1
Image SLES15-SP5-Hardened-BYOS-Azure
python311-cryptography-41.0.3-150400.16.15.1
Image SLES15-SP5-Hardened-BYOS-EC2
python311-cryptography-41.0.3-150400.16.15.1
Image SLES15-SP5-Manager-Server-5-0-EC2-llc
python311-cryptography-41.0.3-150400.16.15.1
Image SLES15-SP5-Manager-Server-5-0-EC2-ltd
python311-cryptography-41.0.3-150400.16.15.1
Image SLES15-SP5-SAP-Azure-3P
python311-cryptography-41.0.3-150400.16.15.1
Image SLES15-SP5-SAP-BYOS-Azure
python311-cryptography-41.0.3-150400.16.15.1
Image SLES15-SP5-SAP-BYOS-EC2
python311-cryptography-41.0.3-150400.16.15.1
Image SLES15-SP5-SAP-Hardened-Azure
python311-cryptography-41.0.3-150400.16.15.1
Image SLES15-SP5-SAP-Hardened-BYOS-Azure
python311-cryptography-41.0.3-150400.16.15.1
Image SLES15-SP5-SAP-Hardened-BYOS-EC2
python311-cryptography-41.0.3-150400.16.15.1
Image SLES15-SP5-SAPCAL-Azure
python311-cryptography-41.0.3-150400.16.15.1
Image SLES15-SP5-SAPCAL-EC2
python311-cryptography-41.0.3-150400.16.15.1
SUSE Linux Enterprise Module for Python 3 15 SP5
python311-cryptography-41.0.3-150400.16.15.1
openSUSE Leap 15.5
python311-cryptography-41.0.3-150400.16.15.1
Ссылки
- Link for SUSE-SU-2024:0763-1
- E-Mail link for SUSE-SU-2024:0763-1
- SUSE Security Ratings
- SUSE Bug 1220210
- SUSE CVE CVE-2024-26130 page
Описание
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Starting in version 38.0.0 and prior to version 42.0.4, if `pkcs12.serialize_key_and_certificates` is called with both a certificate whose public key did not match the provided private key and an `encryption_algorithm` with `hmac_hash` set (via `PrivateFormat.PKCS12.encryption_builder().hmac_hash(...)`, then a NULL pointer dereference would occur, crashing the Python process. This has been resolved in version 42.0.4, the first version in which a `ValueError` is properly raised.
Затронутые продукты
Image SLES15-SP4-BYOS-Azure:python311-cryptography-41.0.3-150400.16.15.1
Image SLES15-SP4-BYOS-EC2:python311-cryptography-41.0.3-150400.16.15.1
Image SLES15-SP4-HPC-BYOS-Azure:python311-cryptography-41.0.3-150400.16.15.1
Image SLES15-SP4-HPC-BYOS-EC2:python311-cryptography-41.0.3-150400.16.15.1
Ссылки
- CVE-2024-26130
- SUSE Bug 1220210