Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
48e66bd2 by Salvatore Bonaccorso at 2018-04-16T06:52:06+02:00
Mark CVE-2018-6594 as fixed
There are pending issues upstream, which might require an interface
change. Basically anyway, upstream feels this is not an issue in the
library itself but in an application using it in an insecure manner. See
as well the corresponding gnupg/libgcyrpt* CVE.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -9177,7 +9177,7 @@ CVE-2018-6595
RESERVED
CVE-2018-6594 (lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1
generates ...)
- pycryptodome 3.4.11-1 (bug #889998)
- - python-crypto <unfixed> (bug #889999)
+ - python-crypto 2.6.1-9 (bug #889999)
[stretch] - python-crypto <no-dsa> (Minor issue)
[jessie] - python-crypto <no-dsa> (Minor issue)
[wheezy] - python-crypto <no-dsa> (Minor issue)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/48e66bd2b40fd564e85e9f42f90e82086cd2847c
---
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/48e66bd2b40fd564e85e9f42f90e82086cd2847c
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
