The jwcrypto implementation of the RSA1_5 algorithm is vulnerable to the Million Message Attack described in RFC 3128. A timing attack can be leveraged against the implementation to detect when a chosen ciphertext generates a valid header and padding, because an invalid header/padding raises a code exception and the cryptographic operations are terminated earlier, resulting in measurably faster processing observable over the network.

Upstream issue: https://github.com/latchset/jwcrypto/issues/65
Upstream patch: https://github.com/latchset/jwcrypto/pull/66
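The following is an added illustration of the defect pattern and its standard countermeasure; it is not jwcrypto's code and does no real RSA. It models PKCS#1 v1.5 unpadding of a wrapped content-encryption key in two ways: a vulnerable unpad that raises as soon as a header or padding check fails (so the recipient stops early and the rejection is faster), and a hardened unpad that, on any malformed input, silently substitutes a random key of the expected length so that the recipient performs the same work and fails at the same point (the integrity check) whether or not the padding was valid. The key length, the simulated recipient (`decrypt_with`) and the HMAC stand-in for the AEAD tag check are all assumptions made for the demo.

```python
import hashlib
import hmac
import secrets

CEK_LEN = 32  # constructed: size of the content-encryption key the recipient expects


def unpad_vulnerable(em: bytes) -> bytes:
    """Vulnerable pattern: each malformed header/padding condition raises at once.
    The exception aborts all remaining work, so rejected ciphertexts return
    measurably faster than well-formed ones (the timing oracle in the report)."""
    if len(em) < 11 or em[0] != 0x00 or em[1] != 0x02:
        raise ValueError("invalid PKCS#1 v1.5 header")
    sep = em.find(b"\x00", 2)
    if sep < 0:
        raise ValueError("missing separator")
    if sep < 10:  # fewer than 8 padding bytes
        raise ValueError("padding string too short")
    return em[sep + 1:]


def unpad_hardened(em: bytes, expected_len: int = CEK_LEN) -> bytes:
    """Hardened pattern (the usual Bleichenbacher countermeasure; added example,
    not jwcrypto's code): never surface a padding failure to the caller.
    Malformed input yields a fresh random key of the expected length, so the
    recipient does the same work and fails at the same point either way."""
    header_ok = len(em) >= 11 and em[0] == 0x00 and em[1] == 0x02
    sep = em.find(b"\x00", 2)          # -1 when absent; no exception path
    sep_ok = sep >= 10
    key = em[sep + 1:] if sep >= 0 else b""
    len_ok = len(key) == expected_len
    # Evaluate every condition before branching so no early return reveals
    # which check failed; the single branch below is the only data-dependent one.
    if header_ok & sep_ok & len_ok:
        return key
    return secrets.token_bytes(expected_len)


def wrap_for_demo(cek: bytes, padding_len: int = 8) -> bytes:
    """Build a well-formed encoded message (constructed; no real RSA involved)."""
    ps = bytes(secrets.choice(range(1, 256)) for _ in range(padding_len))
    return b"\x00\x02" + ps + b"\x00" + cek


def decrypt_with(unpad, em: bytes, payload: bytes, tag: bytes) -> str:
    """Simulated JWE recipient: unwrap the CEK, then verify the payload tag
    (HMAC stands in for the AEAD tag check). Returns where processing stopped:
    'padding' (early exit, the observable timing difference), 'auth', or 'ok'."""
    try:
        cek = unpad(em)
    except ValueError:
        return "padding"
    expected = hmac.new(cek, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        return "auth"
    return "ok"


def demo() -> dict:
    """Run a well-formed and a corrupted message through both unpad variants."""
    cek = secrets.token_bytes(CEK_LEN)
    payload = b"constructed payload"
    tag = hmac.new(cek, payload, hashlib.sha256).digest()
    good = wrap_for_demo(cek)
    bad = b"\x00\x01" + good[2:]       # corrupt the block-type byte
    return {
        "vulnerable_good": decrypt_with(unpad_vulnerable, good, payload, tag),
        "vulnerable_bad": decrypt_with(unpad_vulnerable, bad, payload, tag),
        "hardened_good": decrypt_with(unpad_hardened, good, payload, tag),
        "hardened_bad": decrypt_with(unpad_hardened, bad, payload, tag),
    }


if __name__ == "__main__":
    for name, stage in demo().items():
        print(f"{name}: stopped at {stage}")
```

The vulnerable variant stops at "padding" for the corrupted message, while the hardened variant proceeds all the way to "auth", the same stage at which a message with a wrong key would fail; that uniform failure point is what removes the padding oracle. The `&` on the three booleans is a readability device, not a bit-level constant-time guarantee; the property that matters here is that the caller's control flow after unpadding is identical for valid and invalid padding.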
Acknowledgments: Name: Dennis Detering
Created python-jwcrypto tracking bugs for this issue: Affects: fedora-all [bug 1371800]
python-jwcrypto-0.3.2-1.fc25 has been pushed to the Fedora 25 stable repository. If problems still persist, please make note of it in this bug report.
python-jwcrypto-0.3.2-1.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report.
python-jwcrypto-0.3.2-1.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.