SUSE-SU-2017:2350-1

Details

This update for python-pycrypto fixes the following issues:

CVE-2013-7459: Fixed a potential heap buffer overflow in ALGnew (bsc#1017420).

python-paramiko was adjusted to work together with this python-pycrypto change. (bsc#1047666)

Affected Packages

python-paramiko

SUSE Enterprise Storage 3SUSE OpenStack Cloud 6

Fixed in:

1.15.2-2.3.1

python-pycrypto

SUSE Enterprise Storage 3SUSE Enterprise Storage 4SUSE Linux Enterprise Module for Advanced Systems Management 12SUSE Linux Enterprise Module for Public Cloud 12SUSE Linux Enterprise Module for Web and Scripting 12

Fixed in:

2.6.1-10.3.1

python-paramiko

SUSE Linux Enterprise Module for Public Cloud 12

Fixed in:

1.15.2-2.6.1

References

REPORT

https://bugzilla.suse.com/1017420

REPORT

https://bugzilla.suse.com/1047666

WEB

https://www.suse.com/security/cve/CVE-2013-7459

ADVISORY

https://www.suse.com/support/update/announcement/2017/suse-su-20172350-1/