Early Access — Mondoo Vulnerability Intelligence is currently in preview.
SUSE-SU-2021:0675-1
UNKNOWN
Security update for python-cryptography
Published Mar 2, 2021
Modified 4 years ago
Fix available
Details
This update for python-cryptography fixes the following issues:
CVE-2020-36242: Using the Fernet class to symmetrically encrypt multi gigabyte
values could result in an integer overflow and buffer overflow (bsc#1182066).
Affected Packages
python-cryptography
SUSE HPE Helion OpenStack 8SUSE Linux Enterprise Server 12 SP2-BCLSUSE Linux Enterprise Server 12 SP2-LTSSSUSE Linux Enterprise Server 12 SP3-BCLSUSE Linux Enterprise Server 12 SP3-LTSS
Fixed in:
2.1.4-7.34.1
python3-cryptography
SUSE HPE Helion OpenStack 8SUSE Linux Enterprise Server 12 SP2-BCLSUSE Linux Enterprise Server 12 SP2-LTSSSUSE Linux Enterprise Server 12 SP3-BCLSUSE Linux Enterprise Server 12 SP3-LTSS