Photon OS 1.0: Binutils / Httpd / Mercurial / Mysql / Net / Paramiko / Patch / Pycrypto / Python3 / Sqlite / Strongswan / Xerces PHSA-2018-1.0-0126 (deprecated)

An update of 'paramiko', 'mysql', 'mercurial', 'binutils', 'pycrypto', 'patch', 'sqlite-autoconf', 'httpd', 'python3', 'xerces-c', 'strongswan', 'net-snmp' packages of Photon OS has been released. C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2/7/2019 The descriptive text and package...

Photon OS 2.0 : Zsh / Python3 / Xerces / Mercurial / Pmd / Pycrypto / Net / Python2 / Util / Mysql / Paramiko / Binutils / Patch / Sqlite (PhotonOS-PHSA-2018-2.0-0037) (deprecated)

An update of 'mercurial', 'python2', 'zsh', 'pycrypto', 'patch', 'binutils', 'paramiko', 'httpd', 'mysql', 'xerces-c', 'util-linux', 'net-snmp', 'python3', 'sqlite' packages of Photon OS has been released. C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2/7/2019 The descriptive text and...

Pycrypto generates weak key parameters

lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates weak ElGamal key parameters, which allows attackers to obtain sensitive information by reading ciphertext data i.e., it does not have semantic security in face of a ciphertext-only attack. The Decisional Diffie-Hellman DDH...

GHSA-6528-WVF6-F6QG Pycrypto generates weak key parameters

lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates weak ElGamal key parameters, which allows attackers to obtain sensitive information by reading ciphertext data i.e., it does not have semantic security in face of a ciphertext-only attack. The Decisional Diffie-Hellman DDH...

aacrgenie (>=9.0.0 <=12.5.0), aalam-common (=0.1.78) +549 more potentially affected by CVE-2018-6594 via pycrypto (>=2.4.1 <=2.6.1)

pycrypto PYPI version =2.4.1, =9.0.0, =0.0.8, =1.1.3, =1.0.1, =3.4.0, =0.4.0b0, =3.0.0b1, =0.0.2, =0.0.1, =1.0.0, =0.0.4, =0.3.1 and more Source cves: CVE-2018-6594 Source advisory: OSV:GHSA-6528-WVF6-F6QG...

EulerOS 2.0 SP3 : python-crypto (EulerOS-SA-2018-1168)

According to the version of the python-crypto package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Heap-based buffer overflow in the ALGnew function in blocktemplace.c in Python Cryptography Toolkit aka pycrypto allows remote attackers to...

Security Bulletin: A vulnerability in PyCrypto affects PowerKVM

Summary PowerKVM is affected by a vulnerability in python-crypto PyCrypto. IBM has now addressed this vulnerability. Vulnerability Details CVEID: CVE-2013-7459 DESCRIPTION: PyCrypto is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the ALGnew function in...

Critical Photon OS Security Update - PHSA-2018-0126

Updates of 'httpd', 'strongswan', 'paramiko', 'python3', 'patch', 'mercurial', 'xerces-c', 'pycrypto', 'sqlite- autoconf', 'binutils', 'mysql', 'net-snmp' packages of Photon OS have been released...

Critical Photon OS Security Update - PHSA-2018-0037

Updates of 'linux-aws', 'mysql', 'paramiko', 'linux-secure', 'patch', 'python3', 'net-snmp', 'linux-esx', 'binutils', 'linux', 'mercurial', 'pycrypto', 'python2', 'util-linux', 'xerces-c', 'zsh', 'sqlite' packages of Photon OS have been released...

Amazon Linux AMI : python-crypto (ALAS-2018-977)

Weak ElGamal key parameters in PublicKey/ElGamal.py allow attackers to obtain sensitive information by reading ciphertext : lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates weak ElGamal key parameters, which allows attackers to obtain sensitive information by reading ciphertext...

Medium: python-crypto

Issue Overview: Weak ElGamal key parameters in PublicKey/ElGamal.py allow attackers to obtain sensitive information by reading ciphertext: lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates weak ElGamal key parameters, which allows attackers to obtain sensitive information by...

Updated python-pycrypto packages fix security vulnerability

The textbook ElGamal implementation is not secure. PyCrypto and some other implementations use the wrong algorithm, which may lead to some information disclosure simply by looking at the encrypted text. For a full description, see https://github.com/dlitz/pycrypto/issues/253 This update includes ...

MGASA-2018-0171 Updated python-pycrypto packages fix security vulnerability

The textbook ElGamal implementation is not secure. PyCrypto and some other implementations use the wrong algorithm, which may lead to some information disclosure simply by looking at the encrypted text. For a full description, see https://github.com/dlitz/pycrypto/issues/253 This update includes ...

Fedora 26 : python-crypto (2018-0c75cc72bc)

The textbook ElGamal implementation is not secure. PyCrypto and some other implementations use the wrong algorithm, which may lead to some information disclosure simply by looking at the encrypted text. For a full description, see https://github.com/dlitz/pycrypto/issues/253 This update includes ...

[SECURITY] Fedora 26 Update: python-crypto-2.6.1-22.fc26

PyCrypto is a collection of both secure hash functions such as MD5 and SHA, and various encryption algorithms AES, DES, RSA, ElGamal, etc...

[SECURITY] Fedora 27 Update: python-crypto-2.6.1-22.fc27

PyCrypto is a collection of both secure hash functions such as MD5 and SHA, and various encryption algorithms AES, DES, RSA, ElGamal, etc...

CVE-2018-6594

lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates weak ElGamal key parameters, which allows attackers to obtain sensitive information by reading ciphertext data i.e., it does not have semantic security in face of a ciphertext-only attack. The Decisional Diffie-Hellman DDH...

Weak ElGamal Parameters

PyCrypto uses weak ElGamal cryptography. Due to an incorrect implementation of ElGamal, the Decisional Diffie-Hellman DDH assumption doesn't hold because of the way the key parameters are generated. This allows attackers who have access to the cipher-text to decrypt the messages and potentially...

PyCrypto Information Disclosure Vulnerability

PyCrypto is an encryption toolkit written in Python that includes MD5, AES, DES3 and other encryption algorithms. A security vulnerability exists in the lib/Crypto/PublicKey/ElGamal.py file in PyCrypto 2.6.1 and earlier versions, which stems from the program generating weak ElGamal key parameters...

PYSEC-2018-97

lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates weak ElGamal key parameters, which allows attackers to obtain sensitive information by reading ciphertext data i.e., it does not have semantic security in face of a ciphertext-only attack. The Decisional Diffie-Hellman DDH...