Your message dated Wed, 17 Feb 2016 10:03:49 +0000
with message-id <[email protected]>
and subject line Bug#809980: fixed in python-rsa 3.2.3-1.1
has caused the Debian Bug report #809980,
regarding python-rsa: CVE-2016-1494: Signature forgery using Bleichenbacher'06
attack
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
809980: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=809980
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: python-rsa
Version: 3.2.3-1
Severity: normal
Python-rsa suffers a vulnerability which has been registered
as CVE-2016-1494 [1], a fix is available.
Thanks,
DS
[1] http://www.openwall.com/lists/oss-security/2016/01/05/1
-- System Information:
Debian Release: stretch/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 4.2.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
--- End Message ---
--- Begin Message ---
Source: python-rsa
Source-Version: 3.2.3-1.1
We believe that the bug you reported is fixed in the latest version of
python-rsa, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Salvatore Bonaccorso <[email protected]> (supplier of updated python-rsa
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 07 Feb 2016 07:29:08 +0100
Source: python-rsa
Binary: python-rsa python3-rsa
Architecture: source
Version: 3.2.3-1.1
Distribution: unstable
Urgency: medium
Maintainer: Debian Python Modules Team
<[email protected]>
Changed-By: Salvatore Bonaccorso <[email protected]>
Closes: 809980
Description:
python-rsa - Pure-Python RSA implementation (Python 2)
python3-rsa - Pure-Python RSA implementation (Python 3)
Changes:
python-rsa (3.2.3-1.1) unstable; urgency=medium
.
* Non-maintainer upload.
* CVE-2016-1494: Possible signature forgery using Bleichenbacher'06 attack
(Closes: #809980)
Checksums-Sha1:
a74d30890bb8989194ef0e7b063e8290f381ef6d 2134 python-rsa_3.2.3-1.1.dsc
9391b7a42a991a021aac47c51e366db0b593c702 4120
python-rsa_3.2.3-1.1.debian.tar.xz
Checksums-Sha256:
ab7a3acebb0609f75a60ae8460703aa3e38dde353f8dd7e6c9120d062f6fd2b3 2134
python-rsa_3.2.3-1.1.dsc
3d6637a75019dc5da7875b92d26f2295c0d53a16c64f12161f9b091e5c3d9f68 4120
python-rsa_3.2.3-1.1.debian.tar.xz
Files:
820b99fa605170ef61b9fbc99dbc2d41 2134 python optional python-rsa_3.2.3-1.1.dsc
72b86263d364fb064b40a13c9c5ad193 4120 python optional
python-rsa_3.2.3-1.1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJWtwMgAAoJEAVMuPMTQ89EPQYQAKFCBTKMvRqhAUqAHGUoy6sg
WLitMj5xQ0DRO0sMMUNmGRgGfWQzS2pEbhZCqHEJH/XNdXFmJbrAnn1RDOXDkoK2
mHwwBfiMyKKqcVDsnVLjKjEKWzlqPRpFzF3kvY6mzLx6pGyVUQm/0al5+xyf+YPc
qBYTAvdhQJykHfpGR7Lk/zk+V4pYGYxQDiDi7fRUqZEgnSm25Ha4nGJ+RM0eQnxF
6ySMnAq5ccLXAhfwx9ickOvs12GKU0WBX5LX4JMsD1i1icOnNHPuE5tNZtmMBpCF
YVtPXh3yVEDRs3bhSwOeiH14Usjuot2sCVsl9tCXTDnnNCW+qcdN3rnRVEIA2+T4
CkHjYp6j9MrN+Wmf3yfAdN//uzW/7UwXw1FX9eFMJkWml719V98WWqae/BWwbptC
/SNjOUDypymcV/X8PhN2apm0QwNJlyRCH462PXzG5+horpPeC3flc63Fxyia76jX
MIPWZmIviK8VhmPqpkWvySwfEzjQpqCbQhhAsbleL+U+SatQfnnmJy99tyipKjJu
b/OD0eDHgI3+hUxfd/ZbzLNHfLJ2pOGd92//eDF3OmpAs+NnKhopHrO+ZR23KN1z
16RTqbEHg0KEVnCF3jQScaaW4qzgTj/zEGKpqbrEeQR8ODBj5BqRcXQDT0paARVl
YVTgDyEJtDs9RzP8ctMP
=uUaA
-----END PGP SIGNATURE-----
--- End Message ---
_______________________________________________
Python-modules-team mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/python-modules-team
