Fedora alert FEDORA-2016-c845706426 (python-rsa)
| From: | updates@fedoraproject.org | |
| To: | package-announce@lists.fedoraproject.org | |
| Subject: | [SECURITY] Fedora 22 Update: python-rsa-3.3-2.fc22 | |
| Date: | Sun, 24 Jan 2016 03:18:52 +0000 (UTC) | |
| Message-ID: | <20160124031852.834E06087A86@bastion01.phx2.fedoraproject.org> |
-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2016-c845706426 2016-01-23 22:24:31.906836 -------------------------------------------------------------------------------- Name : python-rsa Product : Fedora 22 Version : 3.3 Release : 2.fc22 URL : http://stuvel.eu/rsa Summary : Pure-Python RSA implementation Description : Python-RSA is a pure-Python RSA implementation. It supports encryption and decryption, signing and verifying signatures, and key generation according to PKCS#1 version 1.5. It can be used as a Python library as well as on the command-line. -------------------------------------------------------------------------------- Update Information: Fix for CVE-2016-1494 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1295871 - CVE-2016-1494 python-rsa: Signature forgery using Bleichenbacher'06 attack [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1295871 [ 2 ] Bug #1295870 - CVE-2016-1494 python-rsa: Signature forgery using Bleichenbacher'06 attack [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1295870 [ 3 ] Bug #1298335 - python-rsa-3.2.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1298335 [ 4 ] Bug #1297222 - Old version with security issues, please approve ACL https://bugzilla.redhat.com/show_bug.cgi?id=1297222 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update python-rsa' at the command line. For more information, refer to "Managing Software with yum", available at https://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-...