Fedora: Security Advisory for python-cryptography (FEDORA-2023-fa5d0b461d)

The remote host is missing an update for the Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora 37 : python-cryptography (2023-fa5d0b461d)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-fa5d0b461d advisory. Security fix for CVE-2023-23931 cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected...

Debian: Security Advisory (DLA-3331-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 3331-1] python-cryptography security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3331-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb February 21, 2023 https://wiki.debian.org/LTS -...

Debian dla-3331 : python-cryptography - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3331 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3331-2 [email protected] https://www.debian.org/lts/security/...

DLA-3331-1 python-cryptography - security update

Bulletin has no description...

CVE-2023-23931

A vulnerability was found in python-cryptography. In affected versions, Cipher.updateinto would accept Python objects which implement the buffer protocol but provide only immutable buffers. This issue allows immutable objects such as bytes to be mutated, thus violating the fundamental rules of...

SUSE CVE-2018-10903

A flaw was found in python-cryptography versions between =1.9.0 and 2.3. The finalizewithtag API did not enforce a minimum tag length. If a user did not validate the input length prior to passing it to finalizewithtag an attacker could craft an invalid payload with a shortened tag e.g. 1 byte suc...

AZL-13353 CVE-2023-23931 affecting package python-cryptography for versions less than 3.3.2-4

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions Cipher.updateinto would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects such as bytes to b...

SUSE SLED15 / SLES15 Security Update : python-cryptography, python-cryptography-vectors (SUSE-SU-2022:4044-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:4044-1 advisory. - A flaw was found in python-cryptography versions between =1.9.0 and 2.3. The finalizewithtag API did not enforce a...

SUSE-SU-2022:4044-1 Security update for python-cryptography, python-cryptography-vectors

This update for python-cryptography, python-cryptography-vectors fixes the following issues: - Update in SLE-15 bsc1177083, jscPM-2730, jscSLE-18312 - Refresh patches for new version - Update in SLE-15 bsc1176785, jscECO-3105, jscPM-2352 - update to 2.9.2 2.9.2 - 2020-04-22 - Updated the macOS...

SUSE: Security Advisory (SUSE-SU-2022:4044-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

python-cryptography bug fix and enhancement update

An update is available for python-cryptography. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rock...

The vulnerability of the python-cryptography package, a programming language interpreter for Python, allows attackers to gain unauthorized access to protected information.

The vulnerability of the python-cryptography package, a programming language interpreter for Python, is related to errors in RSA key management. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

SUSE-RU-2022:2355-1 Recommended update for python-cryptography

This update for python-cryptography fixes the following issues: python-cryptography was updated to 3.3.2. update to 3.3.0: BACKWARDS INCOMPATIBLE: The GCM and AESGCM now require 64-bit to 1024-bit 8 byte to 128 byte initialization vectors. This change is to conform with an upcoming OpenSSL releas...

pcs security update

0.11.1-10.el90.1 - Updated bundled rubygems: sinatra, rack-protection - Resolves: rhbz2081333 0.11.1-10 - Fixed snmp client - Fixed translating resource roles in colocation constraint - Resolves: rhbz2048640 0.11.1-9 - Fixed cluster destroy in web ui - Fixed covscan issue in web ui - Resolves:...

new packages: python-cryptography

An update is available for python-cryptography. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rock...

python39:3.9 and python39-devel:3.9 security update

modwsgi 4.7.1-4 - Convert from Fedora to the python39 module in RHEL8 - Resolves: rhbz1877430 4.7.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora33MassRebuild 4.7.1-2 - Rebuilt for Python 3.9 4.7.1-1 - update to 4.7.1 1721376 python39 3.9.7-1 - Update to 3.9.7 Resolves: rhbz2003102...

AlmaLinux 8 : python-cryptography (ALSA-2021:1608)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2021:1608 advisory. - python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via timed processing of valid PKCS1 v1.5 ciphertext...

Mageia: Security Advisory (MGASA-2018-0429)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...