1. Server >
  2. Unix Server >
  3. USN-3199-1: Python Crypto vulnerability


ArabicEnglishFrenchGermanGreekItalianJapaneseKoreanPersianPolishPortugueseRussianSpanishTurkishVietnamese

USN-3199-1: Python Crypto vulnerability

RSS Kategorie Pfeil Unix Server vom | Quelle: ubuntu.com Direktlink öffnen

Ubuntu Security Notice USN-3199-1

16th February, 2017

Python Crypto vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 16.10
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS

Summary

Programs using the Python Cryptography Toolkit could be made to crash or run programs if they receive specially crafted network traffic or other input.

Software description

  • python-crypto - cryptographic algorithms and protocols for Python

Details

It was discovered that the ALGnew function in block_templace.c in the Python
Cryptography Toolkit contained a heap-based buffer overflow vulnerability.
A remote attacker could use this flaw to execute arbitrary code by using
a crafted initialization vector parameter.

Update instructions

The problem can be corrected by updating your system to the following package version:

Ubuntu 16.10:
python3-crypto 2.6.1-6ubuntu0.16.10.2
python-crypto 2.6.1-6ubuntu0.16.10.2
Ubuntu 16.04 LTS:
python3-crypto 2.6.1-6ubuntu0.16.04.1
python-crypto 2.6.1-6ubuntu0.16.04.1
Ubuntu 14.04 LTS:
python3-crypto 2.6.1-4ubuntu0.1
python-crypto 2.6.1-4ubuntu0.1

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2013-7459

...

Webseite öffnen Komplette Webseite öffnen

Newsbewertung

Kommentiere zu USN-3199-1: Python Crypto vulnerability






Ähnliche Beiträge

  • 1. Uncompyle6 - A Cross-Version Python Bytecode Decompiler vom 382.79 Punkte ic_school_black_18dp
    A native Python cross-version decompiler and fragment decompiler. The successor to decompyle, uncompyle, and uncompyle2. Introductionuncompyle6 translates Python bytecode back into equivalent Python source code. It accepts bytecodes from Python version
  • 2. USN-3199-2: Python Crypto regression vom 318.81 Punkte ic_school_black_18dp
    Ubuntu Security Notice USN-3199-2 17th February, 2017 Python Crypto regression A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.10 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Summary USN-3199-1 introduced a regression
  • 3. Python in Visual Studio Code – September 2019 Release vom 258.06 Punkte ic_school_black_18dp
    We are pleased to announce that the September 2019 release of the Python Extension for Visual Studio Code is now available. You can download the Python extension from the Marketplace, or install it directly from the extension gallery in Visual Studi
  • 4. USN-3199-1: Python Crypto vulnerability vom 254.24 Punkte ic_school_black_18dp
    Ubuntu Security Notice USN-3199-1 16th February, 2017 Python Crypto vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.10 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Summary Programs using the Python Cryptogr
  • 5. USN-3616-1: Python Crypto vulnerability vom 242.59 Punkte ic_school_black_18dp
    python-crypto vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.10 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Summary Python Crypto could expose sensitive information. Software Description python-crypto - cryptographi
  • 6. Python in Visual Studio Code – October 2019 Release vom 193.55 Punkte ic_school_black_18dp
    We are pleased to announce that the October 2019 release of the Python Extension for Visual Studio Code is now available. You can download the Python extension from the Marketplace, or install it directly from the extension gallery in Visual Studio Code. If you
  • 7. Who put Python in the Windows 10 May 2019 Update? vom 180.64 Punkte ic_school_black_18dp
    Today the Windows team announced the May 2019 Update for Windows 10. In this post we’re going to look at what we, the Python team, have done to make Python easier to install on Windows by helping the community publish to the Microsoft Store and, in co
  • 8. Bandit - Tool Designed To Find Common Security Issues In Python Code vom 169.21 Punkte ic_school_black_18dp
    Bandit is a tool designed to find common security issues in Python code. To do this Bandit processes each file, builds an AST from it, and runs appropriate plugins against the AST nodes. Once Bandit has finished scanning all the files it generates a
  • 9. Python in Visual Studio Code – May 2019 Release vom 167.74 Punkte ic_school_black_18dp
    We are pleased to announce that the May 2019 release of the Python Extension for Visual Studio Code is now available. You can download the Python extension from the Marketplace, or install it directly from the extension gallery in Visual Studio Code.
  • 10. Python in Visual Studio Code – May 2019 Release vom 167.74 Punkte ic_school_black_18dp
    We are pleased to announce that the May 2019 release of the Python Extension for Visual Studio Code is now available. You can download the Python extension from the Marketplace, or install it directly from the extension gallery in Visual Studio Code.
  • 11. Python in Visual Studio Code – June 2019 Release vom 167.74 Punkte ic_school_black_18dp
    We are pleased to announce that the June 2019 release of the Python Extension for Visual Studio Code is now available. You can download the Python extension from the Marketplace, or install it directly from the extension gallery in Visual Studio Co
  • 12. Python in Visual Studio Code – August 2019 Release vom 167.74 Punkte ic_school_black_18dp
    We are pleased to announce that the August 2019 release of the Python Extension for Visual Studio Code is now available. You can download the Python extension from the Marketplace, or install it directly from the extension gallery in Visual Studio Code. I