[SECURITY] [DLA 773-1] python-crypto security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Package : python-crypto
Version : 2.6-4+deb7u4
CVE ID : CVE-2013-7459
Debian Bug : 849495
It was discovered that there was a vulnerability in python-crypto, a library of
cryptographic algorithms and protocols for Python. Calling AES.new with an
invalid parameter could crash the Python interpreter:
<https://github.com/dlitz/pycrypto/issues/176>
For Debian 7 "Wheezy", this issue has been fixed in python-crypto version
2.6-4+deb7u4.
We recommend that you upgrade your python-crypto packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` lamby@debian.org / chris-lamb.co.uk
`-
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlho5McACgkQHpU+J9Qx
HlguvBAAxvwxrC17S+UgmDkK51Ylm5i2W1suwwEvdl0uu7O+A09ok/WxPMuUWb4O
Er5y38Esl88udV9AX7rWWcNGJy83vW8rix/8vMmq0LHI6SNXZnarCp811IDAg8Iz
1JD8jr9D8siaBITH4wtY7B7fimVos5PG+vPa+IF+QP+JcvBZzMCZ2DxJiEJDM6BN
JSQlyIaKj86GY+oLn3JWNvwJFt77umgz+FcOfnk2K0eStPbs11JucZSPg+aqMDa0
udyZ3OsPJcfI4DRLy1rRLC+AnFbyhgdRwtajWtUt6KSE74veEkTccv4WdWMvRULe
kycEfcTpRkAIdYYMCQkzoVkT5+OkgHm6rar6yz1l2ap4HVx9sOhj05I9ml9RLnvN
Pz+qiEBWB2QWcXZqMkhQQXuetnlcPfefom3rxnN5F2LtE2RAF6GF9AF9jx1FGcg6
hkPpXC/gwKPEbjo/IAdk+KfY0n/fuzq+lH8cH5LN7Yo/RQj/4/kjFkIOKAdg+TFw
LerCHzIwYZ+zsYSKrV3/MmPU5gB/jAwii5p/Djk7PYpAZFGGN4dCKoWlsB9lc2ok
WJPCoTElmybgLH1dvU7ZNLsImFutD6ZZbb/9nZAANbZVM0XQTkV6FSStlS068aVq
/Bz39jbT3LgvGW3C7sRCMqRICKSjJyGHRyKVC1BbVshbLUYcBMY=
=N4zM
-----END PGP SIGNATURE-----
Reply to: