[SECURITY] [DLA 3331-1] python-cryptography security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 3331-1] python-cryptography security update
From: "Chris Lamb" <lamby@debian.org>
Date: Wed, 22 Feb 2023 12:00:30 -0800
Message-id: <[🔎] 167700850081.2090091.2422497762980046056@copycat>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3331-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                           Chris Lamb
February 21, 2023                             https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : python-cryptography
Version        : 2.6.1-3+deb10u3
CVE ID         : CVE-2023-23931
Debian Bug     : 1031049

It was discovered that there was a potential memory corrution
vulnerability in python-cryptography, a Python library offering a
number of encryption and cryptography primitives.

For Debian 10 buster, this problem has been fixed in version
2.6.1-3+deb10u3.

We recommend that you upgrade your python-cryptography packages.

For the detailed security status of python-cryptography please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/python-cryptography

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmP1HfsACgkQHpU+J9Qx
HlgYqg//TtZYDIgA18CtgXdzE+sodon8ulCvhI9h9v2Y5PxOpKo5JAJKHov+T/Ek
UIQAF02SSYZzJrYhh54BWvQ3U27e9nkb+EliLkYEIGJaWf+cjOc6BL0S1tRO79/2
cjEhYPfWCCFAgOcLXwVNwZtwcCEQObjmYiTeVWpxsWES8EM9AOYUqSuzg743lXoF
E3wUOJTJpkgh3TkWYpCR06RlnnCgsLOs3QXh3K8Y19U7RvhnlfEKbIUMOx6SJSec
6zRrVWxWcudqzw2OfF4H52XSi3+DGiUzGWTVtCoqfc10FkySnEPj517Jo5b7GEZt
9q1aC800RQq+85pUeiVSInDHpoMyK4kdL7+SkeVrwGUyINlm1rhIw3xAPejQCz1j
m+mWIW7sFLRye4AJceA86A+Bi3S15vmU+F/ZHt9KZLo/sAaJFEiboc7FzW3ifND+
hapktVkdPGs4ZDm/A/UuYVOLo1XKGmzsAsrXnAAbcPXFsvcqxJODnrX8WLUF0f6w
Lx/yP6fMXDgyjI0+yni/Wx0qG4x6naUXj5CJTozXPopUm4KGewOSnO2B5r/LXzxD
66mfEI5X7W8pe9PHw2Y3RiO2WFvAz9RXzECIe7W1rJ/k3mvYHIY18ZzbtL653OoL
hZHMBFoIjgVAgTdcWBvqbzBW68Gq33o+vPTaz5wrWAkWxpUg5X0=
=5j/J
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 3333-1] tiff security update
Next by Date: [SECURITY] [DLA 3334-1] sofia-sip security update
Previous by thread: [SECURITY] [DLA 3333-1] tiff security update
Next by thread: [SECURITY] [DLA 3334-1] sofia-sip security update
Index(es):
- Date
- Thread