python-cryptography (1.2.3-1ubuntu0.1) xenial-security; urgency=medium
* SECURITY UPDATE: HKDF might return an empty byte-string
- debian/patches/CVE-2016-9243.patch: fix short length handling in
src/cryptography/hazmat/primitives/kdf/hkdf.py, added test to
tests/hazmat/primitives/test_hkdf.py.
- CVE-2016-9243
Date: 2016-11-17 15:47:14.840328+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
Signed-By: Ubuntu Archive Robot
<cjwatson+ubuntu-archive-ro...@chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/python-cryptography/1.2.3-1ubuntu0.1
Sorry, changesfile not available.
--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/xenial-changes