ELSA-2024-12079

ULN >
Oracle Linux Errata repository >
ELSA-2024-12079

ELSA-2024-12079 - python-cryptography security update

Type:	SECURITY
Severity:	IMPORTANT
Release Date:	2024-01-18

Description

[36.0.1-4.0.1]
- Fix CVE-2023-49083: NULL-dereference when loading PKCS7 certificates [Orabug: 36119159]

[36.0.1-4]
- Fix FTBFS caused by rsa_pkcs1_implicit_rejection OpenSSL feature, resolves rhbz#2203840

[36.0.1-3]
- Fix CVE-2023-23931: Don't allow update_into to mutate immutable objects, resolves rhbz#2172399
- Fix FTBFS due to failing test_load_invalid_ec_key_from_pem and test_decrypt_invalid_decrypt

Related CVEs

CVE-2023-49083

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory	Channel Label

Oracle Linux 8 (aarch64)	python-cryptography-3.2.1-6.0.1.el8.src.rpm	0c1ef7416b5d8e7bac8a0986e31d8b3c	-	ol8_aarch64_baseos_latest
	python-cryptography-3.2.1-6.0.1.el8.src.rpm	0c1ef7416b5d8e7bac8a0986e31d8b3c	-	ol8_aarch64_u9_baseos_patch
	python3-cryptography-3.2.1-6.0.1.el8.aarch64.rpm	7c752cf8f8b100d24afe3b2011a4c828	-	ol8_aarch64_baseos_latest
	python3-cryptography-3.2.1-6.0.1.el8.aarch64.rpm	7c752cf8f8b100d24afe3b2011a4c828	-	ol8_aarch64_u9_baseos_patch

Oracle Linux 8 (x86_64)	python-cryptography-3.2.1-6.0.1.el8.src.rpm	0c1ef7416b5d8e7bac8a0986e31d8b3c	-	ol8_x86_64_baseos_latest
	python-cryptography-3.2.1-6.0.1.el8.src.rpm	0c1ef7416b5d8e7bac8a0986e31d8b3c	-	ol8_x86_64_u9_baseos_patch
	python3-cryptography-3.2.1-6.0.1.el8.x86_64.rpm	3469eb5582d42270bab57ca7e0569bcf	-	ol8_x86_64_baseos_latest
	python3-cryptography-3.2.1-6.0.1.el8.x86_64.rpm	3469eb5582d42270bab57ca7e0569bcf	-	ol8_x86_64_u9_baseos_patch

Oracle Linux 9 (aarch64)	python-cryptography-36.0.1-4.0.1.el9.src.rpm	c8a9c7ddd27989069f8e37598f68e016	-	ol9_aarch64_appstream
	python3-cryptography-36.0.1-4.0.1.el9.aarch64.rpm	05ecaa29bf66ed466bd89bb574a7b5a8	-	ol9_aarch64_appstream

Oracle Linux 9 (x86_64)	python-cryptography-36.0.1-4.0.1.el9.src.rpm	c8a9c7ddd27989069f8e37598f68e016	-	ol9_x86_64_appstream
	python3-cryptography-36.0.1-4.0.1.el9.x86_64.rpm	5f73e3e974b3f220d53a6970be586a1a	-	ol9_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691