SUSE-RU-2017:0996-1: moderate: Recommended update for python-cryptography

sle-updates at sle-updates at
Wed Apr 12 16:08:56 MDT 2017

   SUSE Recommended Update: Recommended update for python-cryptography

Announcement ID:    SUSE-RU-2017:0996-1
Rating:             moderate
References:         #1014478 
Affected Products:
                    SUSE OpenStack Cloud 6
                    SUSE Linux Enterprise Server 12-SP1
                    SUSE Linux Enterprise Desktop 12-SP1

   An update that has one recommended fix can now be installed.


   This update provides python-cryptography 1.1.2, which brings many fixes
   and enhancements:

   - Fixed a runtime error 'undefined symbol EC_GFp_nistp224_method' that
     occurred with some OpenSSL installations.
   - Fixed several small bugs related to compiling the OpenSSL bindings with
     unusual OpenSSL configurations.
   - Added support for Elliptic Curve Diffie-Hellman.
   - Added support for parsing certificate revocation lists (CRLs).
   - Add support for AES key wrapping.
   - Add support for encoding and decoding elliptic curve points to a byte
     string form.
   - 'countryName' is now encoded as a 'PrintableString' when creating
     subject and issuer distinguished names with the Certificate and CSR
     builder classes.
   - The OpenSSL backend prior to 1.0.2 made extensive use of assertions to
     check response codes where our tests could not trigger a failure.
     However, when Python is run with '-O' these asserts are optimized away.
     If a user ran Python with this flag and got an invalid response code
     this could result in undefined behavior or worse. Accordingly, all
     response checks from the OpenSSL backend have been converted from
     'assert' to a true function call.
   - Set the default string mask to UTF-8 in the OpenSSL backend to resolve
     character encoding issues with older versions of OpenSSL.
   - Several new OpenSSL bindings have been added to support a future
     pyOpenSSL release.

Patch Instructions:

   To install this SUSE Recommended Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE OpenStack Cloud 6:

      zypper in -t patch SUSE-OpenStack-Cloud-6-2017-579=1

   - SUSE Linux Enterprise Server 12-SP1:

      zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-579=1

   - SUSE Linux Enterprise Desktop 12-SP1:

      zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-579=1

   To bring your system up-to-date, use "zypper patch".

Package List:

   - SUSE OpenStack Cloud 6 (x86_64):


   - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64):


   - SUSE Linux Enterprise Desktop 12-SP1 (x86_64):



More information about the sle-updates mailing list