Damien Miller reports: Warning: py-bcrypt <0.3 contains a concurrency bug that could result in authn bypass. Please upgrade to 0.3 from https://pypi.python.org/pypi/py-bcrypt
Created py-bcrypt tracking bugs for this issue Affects: fedora-all [bug 927510]
Created py-bcrypt tracking bugs for this issue Affects: epel-6 [bug 927512]
Relevant upstream patch: https://code.google.com/p/py-bcrypt/source/detail?r=3bc365ff43736d26ff37e9f2a4084f37b381b569
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.