commit python-M2Crypto for openSUSE:Factory

Thu, 14 Jul 2022 07:33:28 -0700 

Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package python-M2Crypto for openSUSE:Factory 
checked in at 2022-07-14 16:33:15
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-M2Crypto (Old)
 and      /work/SRC/openSUSE:Factory/.python-M2Crypto.new.1523 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "python-M2Crypto"

Thu Jul 14 16:33:15 2022 rev:43 rq:988816 version:0.38.0

Changes:
--------
--- /work/SRC/openSUSE:Factory/python-M2Crypto/python-M2Crypto.changes  
2022-04-09 01:44:07.926676351 +0200
+++ 
/work/SRC/openSUSE:Factory/.python-M2Crypto.new.1523/python-M2Crypto.changes    
    2022-07-14 16:33:18.600573744 +0200
@@ -1,0 +2,8 @@
+Tue Jul 12 20:49:47 UTC 2022 - Matej Cepl <[email protected]>
+
+- Add CVE-2020-25657-Bleichenbacher-attack.patch (CVE-2020-25657,
+  bsc#1178829), which mitigates the Bleichenbacher timing attacks
+  in the RSA decryption API.
+- Add python-M2Crypto.keyring to verify GPG signature of tarball.
+
+-------------------------------------------------------------------

New:
----
  CVE-2020-25657-Bleichenbacher-attack.patch
  python-M2Crypto.keyring

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ python-M2Crypto.spec ++++++
--- /var/tmp/diff_new_pack.6CLaip/_old  2022-07-14 16:33:19.120574231 +0200
+++ /var/tmp/diff_new_pack.6CLaip/_new  2022-07-14 16:33:19.124574235 +0200
@@ -27,6 +27,10 @@
 URL:            https://gitlab.com/m2crypto/m2crypto
 Source0:        
https://files.pythonhosted.org/packages/source/M/M2Crypto/M2Crypto-%{version}.tar.gz
 Source1:        
https://files.pythonhosted.org/packages/source/M/M2Crypto/M2Crypto-%{version}.tar.gz.asc
+Source99:       python-M2Crypto.keyring
+# PATCH-FIX-UPSTREAM CVE-2020-25657-Bleichenbacher-attack.patch bsc#1178829 
[email protected]
+# Mitigate the Bleichenbacher timing attacks in the RSA decryption API
+Patch0:         CVE-2020-25657-Bleichenbacher-attack.patch
 BuildRequires:  %{python_module devel}
 BuildRequires:  %{python_module parameterized}
 BuildRequires:  %{python_module pytest}

++++++ CVE-2020-25657-Bleichenbacher-attack.patch ++++++

(No newline at EOF)

Reply via email to