rpms/python-cryptography
5
0
Fork 0
Code Issues Pull Requests Releases Activity

import python-cryptography-3.2.1-5.el8

Browse Source
This commit is contained in:
CentOS Sources 2021-10-06 08:37:12 -04:00 committed by Stepan Oksanichenko
parent e20b062f65
commit 8049d2384a
2 changed files with 30 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
SOURCES/0005-CVE-2020-36242.patch Normal file
View File

@ -0,0 +1,18 @@
From 962eac3925c7184fb5dc174357823223beba0d85 Mon Sep 17 00:00:00 2001
From: Paul Kehrer <paul.l.kehrer@gmail.com>
Date: Sun, 7 Feb 2021 11:04:43 -0600
Subject: [PATCH] port changelog and fix back to master for CVE-2020-36242
diff --git a/src/cryptography/hazmat/backends/openssl/ciphers.py b/src/cryptography/hazmat/backends/openssl/ciphers.py
index 2b10681b31..0f96795fdc 100644
--- a/src/cryptography/hazmat/backends/openssl/ciphers.py
+++ b/src/cryptography/hazmat/backends/openssl/ciphers.py
@@ -16,7 +16,7 @@
class _CipherContext(object):
_ENCRYPT = 1
_DECRYPT = 0
- _MAX_CHUNK_SIZE = 2 ** 31 - 1
+ _MAX_CHUNK_SIZE = 2 ** 30 - 1
def __init__(self, backend, cipher, mode, operation):
self._backend = backend

13
SPECS/python-cryptography.spec
View File

@ -4,7 +4,7 @@
Name: python-%{srcname}
Version: 3.2.1
Release: 3%{?dist}
Release: 5%{?dist}
Summary: PyCA's cryptography library
Group: Development/Libraries
@ -16,6 +16,7 @@ Patch0001: 0001-Re-add-deprecated-and-removed-features.patch
Patch0002: 0002-Support-pytest-3.4.2.patch
Patch0003: 0003-Skip-iso8601-test-cases.patch
Patch0004: 0004-Revert-remove-NPN-bindings.patch
Patch0005: 0005-CVE-2020-36242.patch
BuildRequires: openssl-devel
BuildRequires: gcc
@ -81,6 +82,16 @@ PYTHONPATH=%{buildroot}%{python3_sitearch} %{__python3} -m pytest
%changelog
* Tue Jun 08 2021 Christian Heimes <cheimes@redhat.com> - 3.2.1-5
- Rebuild for RHEL 8.5
- Resolves: rhbz#1933071
* Tue Feb 09 2021 Christian Heimes <cheimes@redhat.com> - 3.2.1-4
- CVE-2020-36242: Fixed a bug where certain sequences of update() calls
when symmetrically encrypting very large payloads (>2GB) could result
in an integer overflow, leading to buffer overflows.
- Resolves: rhbz#1926528
* Mon Dec 14 17:24:01 CET 2020 Christian Heimes <cheimes@redhat.com> - 3.2.1-3
- Conflict with non-matching vector package