-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Package : python-crypto Version : 2.6-4+deb7u6 CVE ID : CVE-2013-7459 Debian Bug : #849495, #850025, #850077
It was discovered that the previous attempt to fix the regression in python-crypto, a cryptographic algorithms and protocols for Python, was incorrect. This regression was initially introduced in 2.6-4+deb7u4 and not correctly fixed in 2.6-4+deb7u5. We now really print a warning (not raise an exception) on invalid input. Thanks to Salvatore Bonaccorso and Sebastian Ramacher. For Debian 7 "Wheezy", this issue has been fixed in python-crypto version 2.6-4+deb7u6. We recommend that you upgrade your python-crypto packages. Regards, - -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `- -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlhuI8sACgkQHpU+J9Qx Hli5aw//SAbN8S1d2kXh/LD/J9nrDKHpYL0gz+IPBMkxLKmqhl4mp4E8Pf8nHhJH NFYAxfQGf4OQRAA06ehhjfTokAs8TkogaIA5P+2yJUBnF0RRCY3opcwsHXj9K1tl scWJLnwTImludrcegDTS+/aWG37C3XozXqwdRJoQPjgVtZrDZdqlW9tvXtZhaStc 0I+n/AfXgPIgjI1gOkKklUg9lHrs1Iee4k1/hTw6ScXXeYNJX8hrWafHHJai7jKu i4HS5RzgBHlsGzj5tdKNObdAhg24iEUopbdTs0Ff/fcZuSSOe3S0MHeu5RZAqeRA CqqQRFVW3Sk+gAQVws7PeQ3ndVH+vywNf6EK/YU62TbOxWm803MSBAgJ0hlOJsQf bmLNmriMaqUlWmYHtrqdqHOZSkHKbh5k6WviO29o6Qu3naPsUZmSfKtG/2LxuOEp fHaZdczWwJlxaNg1PCuVb2C2Esatfqg+KHNG1r0ehW+9psCDi1wDIAFEMsRiA4RK u/KX8q42il+Og6ae0A5MdBsmFKHqq2uPDVrvWmriUehGpCQDNlW9nHRNF0iiYuqD yFYZqRbCin/+O1T5rDRzuJFZEN8U8yE1trh4/tLHCCDUh5T9jk3/Lle8RP+QubgZ ufrmow6YybFxhE6qWFJuDvWte7wYvS8JiWGVIn/4W9dbx4tdG1A= =NMPc -----END PGP SIGNATURE-----