SUSE-RU-2017:0996-1: moderate: Recommended update for python-cryptography
sle-updates at lists.suse.com
sle-updates at lists.suse.com
Wed Apr 12 16:08:56 MDT 2017
SUSE Recommended Update: Recommended update for python-cryptography
______________________________________________________________________________
Announcement ID: SUSE-RU-2017:0996-1
Rating: moderate
References: #1014478
Affected Products:
SUSE OpenStack Cloud 6
SUSE Linux Enterprise Server 12-SP1
SUSE Linux Enterprise Desktop 12-SP1
______________________________________________________________________________
An update that has one recommended fix can now be installed.
Description:
This update provides python-cryptography 1.1.2, which brings many fixes
and enhancements:
- Fixed a runtime error 'undefined symbol EC_GFp_nistp224_method' that
occurred with some OpenSSL installations.
- Fixed several small bugs related to compiling the OpenSSL bindings with
unusual OpenSSL configurations.
- Added support for Elliptic Curve Diffie-Hellman.
- Added support for parsing certificate revocation lists (CRLs).
- Add support for AES key wrapping.
- Add support for encoding and decoding elliptic curve points to a byte
string form.
- 'countryName' is now encoded as a 'PrintableString' when creating
subject and issuer distinguished names with the Certificate and CSR
builder classes.
- The OpenSSL backend prior to 1.0.2 made extensive use of assertions to
check response codes where our tests could not trigger a failure.
However, when Python is run with '-O' these asserts are optimized away.
If a user ran Python with this flag and got an invalid response code
this could result in undefined behavior or worse. Accordingly, all
response checks from the OpenSSL backend have been converted from
'assert' to a true function call.
- Set the default string mask to UTF-8 in the OpenSSL backend to resolve
character encoding issues with older versions of OpenSSL.
- Several new OpenSSL bindings have been added to support a future
pyOpenSSL release.
Patch Instructions:
To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE OpenStack Cloud 6:
zypper in -t patch SUSE-OpenStack-Cloud-6-2017-579=1
- SUSE Linux Enterprise Server 12-SP1:
zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-579=1
- SUSE Linux Enterprise Desktop 12-SP1:
zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-579=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE OpenStack Cloud 6 (x86_64):
python-cryptography-1.1.2-3.5.1
python-cryptography-debuginfo-1.1.2-3.5.1
python-cryptography-debugsource-1.1.2-3.5.1
- SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64):
python-cryptography-1.1.2-3.5.1
python-cryptography-debuginfo-1.1.2-3.5.1
python-cryptography-debugsource-1.1.2-3.5.1
- SUSE Linux Enterprise Desktop 12-SP1 (x86_64):
python-cryptography-1.1.2-3.5.1
python-cryptography-debuginfo-1.1.2-3.5.1
python-cryptography-debugsource-1.1.2-3.5.1
References:
https://bugzilla.suse.com/1014478
More information about the sle-updates
mailing list