MGASA-2018-0171

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2018-0171.html

Import Source

https://advisories.mageia.org/MGASA-2018-0171.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2018-0171

Related

CVE-2018-6594

Published

2018-03-19T12:13:14Z

Modified

2018-03-19T11:33:10Z

Summary

Updated python-pycrypto packages fix security vulnerability

Details

The textbook ElGamal implementation is not secure. PyCrypto and some other implementations use the wrong algorithm, which may lead to some information disclosure simply by looking at the encrypted text. For a full description, see https://github.com/dlitz/pycrypto/issues/253 This update includes a fix for this problem backported from pycryptodome.

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:5 / python-pycrypto

Package

Name: python-pycrypto
Purl: pkg:rpm/mageia/python-pycrypto?arch=source&distro=mageia-5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.6.1-6.2.mga5

Ecosystem specific

{
    "section": "core"
}

Mageia:6 / python-pycrypto

Package

Name: python-pycrypto
Purl: pkg:rpm/mageia/python-pycrypto?arch=source&distro=mageia-6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.6.1-9.1.mga6

Ecosystem specific

{
    "section": "core"
}