Overview

File _patchinfo of Package patchinfo.27728

<patchinfo incident="27728">
  <issue tracker="bnc" id="1182066">VUL-0: CVE-2020-36242: python-cryptography: calls to symmetrically encrypt multi-GB values could result in an integer overflow and buffer overflow</issue>
  <issue tracker="bnc" id="1199282">Update azure SDK and cli to support aarch64 image creation</issue>
  <issue tracker="bnc" id="1198331">python-moto: failed on test_boto3_availability_zones test_create_notebook_instance_bad_volume_size</issue>
  <issue tracker="bnc" id="1178168">VUL-0: CVE-2020-25659: python-cryptography: bleichenbacher timing oracle attack against RSA decryption</issue>
  <issue tracker="jsc" id="SLE-24629"/>
  <issue tracker="cve" id="2020-25659"/>
  <issue tracker="cve" id="2020-36242"/>
  <packager>glaubitz</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for python-cryptography, python-cryptography-vectors</summary>
  <description>This update for python-cryptography, python-cryptography-vectors fixes the following issues:

- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- CVE-2020-36242: Fixed a bug where certain sequences of update() calls could result in integer overflow (bsc#1182066).
- CVE-2020-25659: Fixed Bleichenbacher vulnerabilities (bsc#1178168).  

- update to 3.3.2 (bsc#1198331)
	 
	  </description>
</patchinfo>
openSUSE Build Service is sponsored by
Places