openSUSE-SU-2020:2173-1

Опубликовано: 06 дек. 2020

Источник: suse-cvrf

Описание

Security update for python-cryptography

This update for python-cryptography fixes the following issues:

CVE-2020-25659: Attempted to mitigate Bleichenbacher attacks on RSA decryption (bsc#1178168).

This update was imported from the SUSE:SLE-15-SP2:Update update project.

Список пакетов

openSUSE Leap 15.2

python2-cryptography-2.8-lp152.2.3.1

python3-cryptography-2.8-lp152.2.3.1

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/6HSP2RSDCASVO7P7KBUV5GDZ6SYI6L7I/
E-Mail link for openSUSE-SU-2020:2173-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1178168
SUSE Bug 1178168
https://www.suse.com/security/cve/CVE-2020-25659/
SUSE CVE CVE-2020-25659 page

Описание

python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via timed processing of valid PKCS#1 v1.5 ciphertext.

Затронутые продукты

openSUSE Leap 15.2:python2-cryptography-2.8-lp152.2.3.1

openSUSE Leap 15.2:python3-cryptography-2.8-lp152.2.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2020-25659.html
CVE-2020-25659
https://bugzilla.suse.com/1178168
SUSE Bug 1178168
https://bugzilla.suse.com/1183152
SUSE Bug 1183152
https://bugzilla.suse.com/1218043
SUSE Bug 1218043

openSUSE-SU-2020:2173-1

Описание

Список пакетов

openSUSE Leap 15.2

Ссылки

Уязвимость: CVE-2020-25659

Описание

Затронутые продукты

Ссылки