110 matches found
Debian: Security Advisory (DLA-1283-2)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 1283-1] python-crypto security update
Package : python-crypto Version : 2.6-4+deb7u8 CVE ID : CVE-2018-6594 Debian Bug : 889999 python-crypto generated weak ElGamal key parameters, which allowed attackers to obtain sensitive information by reading ciphertext data i.e., it did not have semantic security in face of a ciphertext-only...
DLA-1283-1 python-crypto - security update
Bulletin has no description...
Debian DLA-1283-2 : python-crypto security update
This is an update to DLA-1283-1. In DLA-1283-1 it is claimed that the issue described in CVE-2018-6594 is fixed. It turns out that the fix is partial and upstream has decided not to fix the issue as it would break compatibility and that ElGamal encryption was not intended to work on its own. The...
Ubuntu 12.04 LTS : python-crypto vulnerability (USN-3199-3)
USN-3199-1 fixed a vulnerability in Python Crypto. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that the ALGnew function in blocktemplace.c in the Python Cryptography Toolkit contained a heap-based buffer overflow vulnerability. A remote attacker could use...
Amazon Linux AMI : python-crypto (ALAS-2017-801)
A heap-buffer overflow vulnerability was discovered in cryptopp. This vulnerability can be used to remotely gain access to shell. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Amazon Linux AMI Security Advisory ALAS-2017-801...
Important: python-crypto
Issue Overview: A heap-buffer overflow vulnerability was discovered in cryptopp. This vulnerability can be used to remotely gain access to shell. Affected Packages: python-crypto Issue Correction: Run yum update python-crypto or yum update --advisory ALAS-2017-801 to update your system.Run yum...
Ubuntu 14.04 LTS / 16.04 LTS : Python Crypto regression (USN-3199-2)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3199-2 advisory. USN-3199-1 fixed a vulnerability in the Python Cryptography Toolkit. Unfortunately, various programs depended on the original behavior of the Python...
Fedora Update for python-crypto FEDORA-2017-7c569d396b
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for python-crypto FEDORA-2017-08207fe48b
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 24 : python-crypto (2017-08207fe48b)
A heap-buffer overflow vulnerability was discovered in pycrypto leading to arbitrary code execution. All users of pycrypto's AES module that allow the mode of operation to be specified by an attacker, check for ECB explicitly and create the objects without specifying an IV are vulnerable to this...
[SECURITY] [DLA 773-4] python-crypto update
Package : python-crypto Version : 2.6-4+deb7u7 The previous security updates for python-crypto DLA-773-1, DLA-773-2 & DLA-773-3 were not available on non-amd64 architectures. This was due to the testsuite failing to exit gracefully when "multiprocessing" based tests were not functioning or...
DLA-773-4 python-crypto - update
Bulletin has no description...
[SECURITY] [DLA 773-3] python-crypto regression update
Package : python-crypto Version : 2.6-4+deb7u6 CVE ID : CVE-2013-7459 Debian Bug : 849495, 850025, 850077 It was discovered that the previous attempt to fix the regression in python-crypto, a cryptographic algorithms and protocols for Python, was incorrect. This regression was initially introduce...
DLA-773-3 python-crypto - regression update
Bulletin has no description...
[SECURITY] [DLA 773-2] python-crypto regression update
Package : python-crypto Version : 2.6-4+deb7u5 CVE ID : CVE-2013-7459 Debian Bug : 849495, 850025, 850077 It was discovered that there was a regression in the recent update to python-crypto, a cryptographic algorithms and protocols for Python. We now raise a warning not an error on invalid input ...
DLA-773-2 python-crypto - regression update
Bulletin has no description...
Debian DLA-773-4 : python-crypto update
The previous security updates for python-crypto DLA-773-1, DLA-773-2 & DLA-773-3 were not available on non-amd64 architectures. This was due to the testsuite failing to exit gracefully when 'multiprocessing' based tests were not functioning or available, such as on the Debian buildd network. For...
[SECURITY] [DLA 773-1] python-crypto security update
Package : python-crypto Version : 2.6-4+deb7u4 CVE ID : CVE-2013-7459 Debian Bug : 849495 It was discovered that there was a vulnerability in python-crypto, a library of cryptographic algorithms and protocols for Python. Calling AES.new with an invalid parameter could crash the Python interpreter...
DLA-773-1 python-crypto - security update
Bulletin has no description...