Overview
Request 1149625 accepted
- update to 42.0.4 (bsc#1220210, CVE-2024-26130):
* Fixed a null-pointer-dereference and segfault that could occur
when creating a PKCS#12 bundle. Credit to Alexander-Programming
for reporting the issue. CVE-2024-26130
* Fixed ASN.1 encoding for PKCS7/SMIME signed messages. The fields
SMIMECapabilities and SignatureAlgorithmIdentifier should now be
correctly encoded according to the definitions in :rfc:2633
:rfc:3370.
- update to 42.0.3:
* Fixed an initialization issue that caused key loading failures for some
users.
- Drop patch skip_openssl_memleak_test.patch not needed anymore.
@dirkmueller python-cryptography:test is failing to build:
[ 176s] =================================== FAILURES =================================== [ 176s] ________________________ TestAESSIV.test_data_too_large ________________________ [ 176s] [gw1] linux -- Python 3.9.18 /usr/bin/python3.9 [ 176s] [ 176s] self = <tests.hazmat.primitives.test_aead.TestAESSIV object at 0xf572fd00> [ 176s] [ 176s] [@pytest.mark.skipif](https://build.opensuse.org/users/pytest.mark.skipif)( [ 176s] sys.platform not in {"linux", "darwin"}, reason="mmap required" [ 176s] ) [ 176s] def test_data_too_large(self): [ 176s] key = AESSIV.generate_key(256) [ 176s] aessiv = AESSIV(key) [ 176s] [ 176s] > large_data = large_mmap() [ 176s] [ 176s] tests/hazmat/primitives/test_aead.py:704: [ 176s] _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ [ 176s] [ 176s] def large_mmap(): [ 176s] > return mmap.mmap(-1, 2**32, prot=mmap.PROT_READ) [ 176s] E OverflowError: Python int too large to convert to C ssize_t [ 176s] [ 176s] tests/hazmat/primitives/test_aead.py:41: OverflowError [ 176s] ___________________ TestChaCha20Poly1305.test_data_too_large ___________________ [ 176s] [gw0] linux -- Python 3.9.18 /usr/bin/python3.9 [ 176s] [ 176s] self = <tests.hazmat.primitives.test_aead.TestChaCha20Poly1305 object at 0xf544f3d0> [ 176s] [ 176s] [@pytest.mark.skipif](https://build.opensuse.org/users/pytest.mark.skipif)( [ 176s] sys.platform not in {"linux", "darwin"}, reason="mmap required" [ 176s] ) [ 176s] def test_data_too_large(self): [ 176s] key = ChaCha20Poly1305.generate_key() [ 176s] chacha = ChaCha20Poly1305(key) [ 176s] nonce = b"0" * 12 [ 176s] [ 176s] > large_data = large_mmap() [ 176s] [ 176s] tests/hazmat/primitives/test_aead.py:66: [ 176s] _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ [ 176s] [ 176s] def large_mmap(): [ 176s] > return mmap.mmap(-1, 2**32, prot=mmap.PROT_READ) [ 176s] E OverflowError: Python int too large to convert to C ssize_t [ 176s] [ 176s] tests/hazmat/primitives/test_aead.py:41: OverflowError [ 176s] ________________________ TestAESCCM.test_data_too_large ________________________ [ 176s] [gw0] linux -- Python 3.9.18 /usr/bin/python3.9 [ 176s] [ 176s] self = <tests.hazmat.primitives.test_aead.TestAESCCM object at 0xf544f310> [ 176s] [ 176s] [@pytest.mark.skipif](https://build.opensuse.org/users/pytest.mark.skipif)( [ 176s] sys.platform not in {"linux", "darwin"}, reason="mmap required" [ 176s] ) [ 176s] def test_data_too_large(self): [ 176s] key = AESCCM.generate_key(128) [ 176s] aesccm = AESCCM(key) [ 176s] nonce = b"0" * 12 [ 176s] [ 176s] > large_data = large_mmap() [ 176s] [ 176s] tests/hazmat/primitives/test_aead.py:207: [ 176s] _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ [ 176s] [ 176s] def large_mmap(): [ 176s] > return mmap.mmap(-1, 2**32, prot=mmap.PROT_READ) [ 176s] E OverflowError: Python int too large to convert to C ssize_t [ 176s] [ 176s] tests/hazmat/primitives/test_aead.py:41: OverflowError [ 176s] ________________________ TestAESGCM.test_data_too_large ________________________ [ 176s] [gw0] linux -- Python 3.9.18 /usr/bin/python3.9 [ 176s] [ 176s] self = <tests.hazmat.primitives.test_aead.TestAESGCM object at 0xf54d1d78> [ 176s] [ 176s] [@pytest.mark.skipif](https://build.opensuse.org/users/pytest.mark.skipif)( [ 176s] sys.platform not in {"linux", "darwin"}, reason="mmap required" [ 176s] ) [ 176s] def test_data_too_large(self): [ 176s] key = AESGCM.generate_key(128) [ 176s] aesgcm = AESGCM(key) [ 176s] nonce = b"0" * 12 [ 176s] [ 176s] > large_data = large_mmap() [ 176s] [ 176s] tests/hazmat/primitives/test_aead.py:385: [ 176s] _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ [ 176s] [ 176s] def large_mmap(): [ 176s] > return mmap.mmap(-1, 2**32, prot=mmap.PROT_READ) [ 176s] E OverflowError: Python int too large to convert to C ssize_t [ 176s] [ 176s] tests/hazmat/primitives/test_aead.py:41: OverflowError [ 176s] _______________________ TestAESOCB3.test_data_too_large ________________________ [ 176s] [gw0] linux -- Python 3.9.18 /usr/bin/python3.9 [ 176s] [ 176s] self = <tests.hazmat.primitives.test_aead.TestAESOCB3 object at 0xf54d1700> [ 176s] [ 176s] [@pytest.mark.skipif](https://build.opensuse.org/users/pytest.mark.skipif)( [ 176s] sys.platform not in {"linux", "darwin"}, reason="mmap required" [ 176s] ) [ 176s] def test_data_too_large(self): [ 176s] key = AESOCB3.generate_key(128) [ 176s] aesocb3 = AESOCB3(key) [ 176s] nonce = b"0" * 12 [ 176s] [ 176s] > large_data = large_mmap() [ 176s] [ 176s] tests/hazmat/primitives/test_aead.py:530: [ 176s] _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ [ 176s] [ 176s] def large_mmap(): [ 176s] > return mmap.mmap(-1, 2**32, prot=mmap.PROT_READ) [ 176s] E OverflowError: Python int too large to convert to C ssize_t [ 176s] [ 176s] tests/hazmat/primitives/test_aead.py:41: OverflowError
@dirkmueller do you mind taking a look? This is been stuck because python-cryptography:test has been failing to build on i586
Request History
dgarcia created request
- update to 42.0.4 (bsc#1220210, CVE-2024-26130):
* Fixed a null-pointer-dereference and segfault that could occur
when creating a PKCS#12 bundle. Credit to Alexander-Programming
for reporting the issue. CVE-2024-26130
* Fixed ASN.1 encoding for PKCS7/SMIME signed messages. The fields
SMIMECapabilities and SignatureAlgorithmIdentifier should now be
correctly encoded according to the definitions in :rfc:2633
:rfc:3370.
- update to 42.0.3:
* Fixed an initialization issue that caused key loading failures for some
users.
- Drop patch skip_openssl_memleak_test.patch not needed anymore.
factory-auto added opensuse-review-team as a reviewer
Please review sources
factory-auto accepted review
Check script succeeded
licensedigger accepted review
ok
anag+factory set openSUSE:Factory:Staging:F as a staging project
Being evaluated by staging project "openSUSE:Factory:Staging:F"
anag+factory accepted review
Picked "openSUSE:Factory:Staging:F"
anag+factory added factory-staging as a reviewer
Being evaluated by group "factory-staging"
anag+factory accepted review
Unstaged from project "openSUSE:Factory:Staging:F"
anag+factory set openSUSE:Factory:Staging:J as a staging project
Being evaluated by staging project "openSUSE:Factory:Staging:J"
anag+factory accepted review
Picked "openSUSE:Factory:Staging:J"
darix accepted review
Accepted review for by_group opensuse-review-team request 1149625 from user anag+factory
anag+factory accepted review
Staging Project openSUSE:Factory:Staging:J got accepted.
anag+factory approved review
Staging Project openSUSE:Factory:Staging:J got accepted.
anag+factory accepted request
Staging Project openSUSE:Factory:Staging:J got accepted.