stable

python-cryptography-37.0.2-5.fc37

FEDORA-2023-fa5d0b461d created by cheimes a year ago for Fedora 37

Security fix for CVE-2023-23931

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions Cipher.update_into would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects (such as bytes) to be mutated, thus violating fundamental rules of Python and resulting in corrupted output. This now correctly raises an exception. This issue has been present since update_into was originally introduced in cryptography 1.8.

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2023-fa5d0b461d

This update has been submitted for testing by cheimes.

a year ago

This update's test gating status has been changed to 'waiting'.

a year ago

This update's test gating status has been changed to 'failed'.

a year ago
User Icon adamwill commented & provided feedback a year ago

The install_default_update_live test failures here are caused by a problem in the test, not a problem in the update. I'm going to have to think a bit about how to resolve those, so I'll waive them for now.

This update's test gating status has been changed to 'waiting'.

a year ago

This update's test gating status has been changed to 'failed'.

a year ago

This update's test gating status has been changed to 'waiting'.

a year ago

This update's test gating status has been changed to 'failed'.

a year ago

This update's test gating status has been changed to 'passed'.

a year ago

This update has been pushed to testing.

a year ago
User Icon besser82 commented & provided feedback a year ago
karma

Works great! LGTM! =)

User Icon py0xc3 commented & provided feedback a year ago
karma

CVE cases not tested. But works fine with some python3 tools that make use of python-cryptography.

This update can be pushed to stable now if the maintainer wishes

a year ago
User Icon frantisekz commented & provided feedback a year ago
karma

My projects requiring this work fine

This update has been submitted for stable by bodhi.

a year ago

This update has been pushed to stable.

a year ago

Please login to add feedback.

Metadata
Type
security
Severity
low
Karma
3
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
14 days
Dates
submitted
a year ago
in testing
a year ago
in stable
a year ago
approved
a year ago
BZ#2171661 python-cryptography: FTBFS in Fedora rawhide/f38
0
0
BZ#2171817 CVE-2023-23931 python-cryptography: memory corruption via immutable objects
0
0
BZ#2171820 CVE-2023-23931 python-cryptography: memory corruption via immutable objects [fedora-36]
0
0
BZ#2171826 CVE-2023-23931 python-cryptography: memory corruption via immutable objects [fedora-37]
0
0

Automated Test Results