--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-253ebe55ff
2020-07-13 01:38:15.300701
--------------------------------------------------------------------------------
Name : python-rsa
Product : Fedora 31
Version : 3.4.2
Release : 15.fc31
URL :
http://stuvel.eu/rsa
Summary : Pure-Python RSA implementation
Description :
Python-RSA is a pure-Python RSA implementation. It supports encryption
and decryption, signing and verifying signatures, and key generation
according to PKCS#1 version 1.5. It can be used as a Python library as
well as on the command-line.
--------------------------------------------------------------------------------
Update Information:
Fix CVE-2020-13757
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jul 5 2020 Fabio Alessandro Locati <fale(a)fedoraproject.org> - 3.4.2-15
- Backport patch to fix CVE-2020-13757
* Thu Jan 30 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.4.2-14
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Thu Jan 9 2020 Zbigniew J��drzejewski-Szmek <zbyszek(a)in.waw.pl> - 3.4.2-13
- Remove dependency on unittest2 (#1789200)
* Fri Sep 20 2019 Miro Hron��ok <mhroncok(a)redhat.com> - 3.4.2-12
- Subpackage python2-rsa has been removed
See
https://fedoraproject.org/wiki/Changes/Mass_Python_2_Package_Removal
* Mon Aug 19 2019 Miro Hron��ok <mhroncok(a)redhat.com> - 3.4.2-11
- Rebuilt for Python 3.8
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1848507 - CVE-2020-13757 python-rsa: decryption of ciphertext leads to DoS
https://bugzilla.redhat.com/show_bug.cgi?id=1848507
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-253ebe55ff' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------