1666967 – It must update to fix pyOpenSSL CVE's

Bug 1666967 - It must update to fix pyOpenSSL CVE's

Summary: It must update to fix pyOpenSSL CVE's

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Fedora EPEL
Classification:	Fedora
Component:	python-cryptography
Sub Component:
Version:	epel7
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	high
Target Milestone:	---
Assignee:	Jeremy Cline
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2019-01-17 06:10 UTC by Frank Büttner
Modified:	2020-01-24 20:43 UTC (History)
CC List:	8 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2020-01-24 20:43:05 UTC
Type:	Bug
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Bugzilla	1640216	0	low	CLOSED	CVE-2018-1000808 pyOpenSSL: Failure to release memory before removing last reference in PKCS #12 Store	2021-02-22 00:41:40 UTC
Red Hat Bugzilla	1640217	0	medium	CLOSED	CVE-2018-1000807 pyOpenSSL: Use-after-free in X509 object handling	2022-07-24 14:56:40 UTC

Description Frank Büttner 2019-01-17 06:10:23 UTC

Description of problem:
Version >= 2.1.4 is needed to fix  CVE-2018-1000807 and CVE-2018-1000808
in pyOpenSSL

Version-Release number of selected component (if applicable):
python34-cryptography-1.7.2.4.el7

Comment 1 Robbie Harwood 2020-01-24 20:43:05 UTC

Update seems to have been done.

Note You need to log in before you can comment on or make changes to this bug.