Your message dated Tue, 22 Mar 2016 23:57:39 +0000
with message-id <[email protected]>
and subject line Bug#809980: fixed in python-rsa 3.1.4-1+deb8u1
has caused the Debian Bug report #809980,
regarding python-rsa: CVE-2016-1494: Signature forgery using Bleichenbacher'06
attack
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
809980: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=809980
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: python-rsa
Version: 3.2.3-1
Severity: normal
Python-rsa suffers a vulnerability which has been registered
as CVE-2016-1494 [1], a fix is available.
Thanks,
DS
[1] http://www.openwall.com/lists/oss-security/2016/01/05/1
-- System Information:
Debian Release: stretch/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 4.2.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
--- End Message ---
--- Begin Message ---
Source: python-rsa
Source-Version: 3.1.4-1+deb8u1
We believe that the bug you reported is fixed in the latest version of
python-rsa, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Salvatore Bonaccorso <[email protected]> (supplier of updated python-rsa
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 22 Mar 2016 17:33:03 +0100
Source: python-rsa
Binary: python-rsa python3-rsa
Architecture: all source
Version: 3.1.4-1+deb8u1
Distribution: jessie
Urgency: medium
Maintainer: Debian Python Modules Team
<[email protected]>
Changed-By: Salvatore Bonaccorso <[email protected]>
Closes: 809980
Description:
python-rsa - Pure-Python RSA implementation (Python 2)
python3-rsa - Pure-Python RSA implementation (Python 3)
Changes:
python-rsa (3.1.4-1+deb8u1) jessie; urgency=medium
.
* Non-maintainer upload.
* CVE-2016-1494: Possible signature forgery using Bleichenbacher'06 attack
(Closes: #809980)
Checksums-Sha1:
32ffb97e01481b8324d9bc171a59582a8fa6d80f 2087 python-rsa_3.1.4-1+deb8u1.dsc
739caec5c6183620e89b68e01dc88bbbf6ebad83 3624
python-rsa_3.1.4-1+deb8u1.debian.tar.xz
34f8ed62c1b2f4ac6bf0215305d30a423ac35b10 27490
python-rsa_3.1.4-1+deb8u1_all.deb
a8cb6494ffb05e94e7698afdfaa41bb83bed63df 26946
python3-rsa_3.1.4-1+deb8u1_all.deb
Checksums-Sha256:
d949995858c1cc864e6df9de4120cc07cd93d6acbca6d27df8d7f59470fef3d7 2087
python-rsa_3.1.4-1+deb8u1.dsc
e4b08b920759b137effac75838fdd5d34459dad1e2ea5e707c3c635c563c0854 3624
python-rsa_3.1.4-1+deb8u1.debian.tar.xz
4c90ab386058367d5b94ee6255a50bfab13d5fbcd468b22e85505780e63ea196 27490
python-rsa_3.1.4-1+deb8u1_all.deb
6f3528d5f2b745d8d5ea27a5991324151aab4f86b4f3b594663e7332f95646b7 26946
python3-rsa_3.1.4-1+deb8u1_all.deb
Files:
25ac308eb583dc2c5db29356d86e44be 2087 python optional
python-rsa_3.1.4-1+deb8u1.dsc
08f742219373b3254bc616b20caa45af 3624 python optional
python-rsa_3.1.4-1+deb8u1.debian.tar.xz
5230faef622ba1186cf1a50c38173d60 27490 python optional
python-rsa_3.1.4-1+deb8u1_all.deb
f4f7ca585c8f53e0c35db5e7ba248fc5 26946 python optional
python3-rsa_3.1.4-1+deb8u1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJW8XVZAAoJEAVMuPMTQ89E55YP/3Si8AfGomXDNeSWtGHgvWay
3IQIfT8XN0zfMoA8towNA9eo3NcL6hZl2IMAv2cnRn7PB2z3kZUwCXrGahCW/jFj
EdaYifk7G6CVqayqsvHiIaYY18IIsh/mRAxJmx7X/VoFFalkK1/3oBxRvp+XDPxo
ctNeNKtgCLHaQQuepuVrU+ag3DPk0e3FOqEk8zG+oJOb8hG0k73j7BII2Lk8j7sm
mB+H9yTqxsqcv6/0qntLSNYnkEIIX95920ZrY8sskTKRvr3nCNYaB7c8mm5hvWBd
zaPAGgVSC16XfkpflxBnovUvN2hWuu9PEXKcidc4mZFoBYhsE36HU9lD9B97TUET
IIbCWAstWvH2jtvVY1HZ5VBMnZFBQTv3YQbG70saqPx28mD9FfP+XMuIQtBGvJvd
KHzW7jwIJxPdlY9DWqPMnpEHVemstLKBMv+aSGeCc9NipYMZNabSDHtcXWZVlpsC
6fRHLX9+czuAXSgPqqKDe1vXn/NTqwh0GwtChR4YwUodePhme7yVh3QncA38zgCG
OcUoQ3ekvrAfNhcAOkGFm1gSveBJzEpG0IkBx2SgePkFHU0Od6aQNSZPR4L4eLMY
u6jWvXVxdAP4wMD5ELMU61i0L1otdV4rcQXxoVBFX/6B+VH16DvxClbluGYWPvR3
L+h4n564ipYYgqF/MWyf
=EQ4U
-----END PGP SIGNATURE-----
--- End Message ---
_______________________________________________
Python-modules-team mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/python-modules-team
