ELSA-2021-1608 - python-cryptography security, bug fix, and enhancement update
| Type: | SECURITY |
| Severity: | MODERATE |
| Release Date: | 2021-05-25 |
Description
[3.2.1-4]
- CVE-2020-36242: Fixed a bug where certain sequences of update() calls
when symmetrically encrypting very large payloads (>2GB) could result
in an integer overflow, leading to buffer overflows.
- Resolves: rhbz#1926528
[3.2.1-3]
- Conflict with non-matching vector package
[3.2.1-2]
- Re-add remove NPN bindings, required for pyOpenSSL
- Resolves: rhbz#1907429
[3.2.1-1]
- Rebase to upstream release 3.2.1
- Resolves: rhbz#1873581
- Resolves: rhbz#1778939
- Removed dependencies on python-asn1crypto, python-idna
Related CVEs
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
|
| Oracle Linux 8 (aarch64) | python-cryptography-3.2.1-4.el8.src.rpm | a2ba89e2b90840435b334d0f81cc800f | - |
| python3-cryptography-3.2.1-4.el8.aarch64.rpm | 77cf3d46018553ead004f31fde0df698 | - |
|
| Oracle Linux 8 (x86_64) | python-cryptography-3.2.1-4.el8.src.rpm | a2ba89e2b90840435b334d0f81cc800f | - |
| python3-cryptography-3.2.1-4.el8.x86_64.rpm | 1b45e63290a61b413100d38be9c9a938 | - |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
