Bug 2415408

Summary: Update python-pytcryptodomex to >= 3.19.1 in EPEL-8 for CVE-2023-52323
Product: [Fedora] Fedora EPEL Reporter: David Mueller <dsm42>
Component: python-pycryptodomexAssignee: Mohamed El Morabity <pikachu.2014>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: unspecified    
Version: epel8CC: pikachu.2014, rcallicotte
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: python-pycryptodomex-3.21.0-1.el8 Doc Type: ---
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2026-01-12 00:36:16 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description David Mueller 2025-11-17 16:44:01 UTC 
Description of problem:

python-pycryptodomex for EPEL-8 is still version 3.10.1 and is thus affected by CVE-2023-52323. This CVE was fixed in version 3.19.1 so it needs to be updated to at least that version to resolve the CVE. EPEL-9 contains 3.20.0; 3.21.0 is the newest version that is viable for EPEL-8 since Python 3.6 support was removed in 3.22.0 per the upstream changelog: https://www.pycryptodome.org/src/changelog

This vulnerability was fixed in several RHEL packages that include pycryptodome in bug #2257028. 


Version-Release number of selected component (if applicable):

3.10.1
Comment 1 Fedora Update System 2026-01-03 03:42:09 UTC 
FEDORA-EPEL-2026-4013949761 (python-pycryptodomex-3.21.0-1.el8) has been submitted as an update to Fedora EPEL 8.
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2026-4013949761
Comment 2 Fedora Update System 2026-01-04 01:17:56 UTC 
FEDORA-EPEL-2026-4013949761 has been pushed to the Fedora EPEL 8 testing repository.

You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2026-4013949761

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
Comment 3 Fedora Update System 2026-01-12 00:36:16 UTC 
FEDORA-EPEL-2026-4013949761 (python-pycryptodomex-3.21.0-1.el8) has been pushed to the Fedora EPEL 8 stable repository.
If problem still persists, please make note of it in this bug report.