{"affected":[{"ecosystem_specific":{"binaries":[{"python2-cryptography-vectors":"2.9.2-150000.3.7.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Public Cloud 15 SP1","name":"python-cryptography-vectors","purl":"pkg:rpm/suse/python-cryptography-vectors&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.9.2-150000.3.7.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"python2-bcrypt":"3.1.4-150100.6.2.1","python2-cffi":"1.15.0-150000.4.11.2","python2-cryptography":"2.9.2-150100.7.8.2","python3-bcrypt":"3.1.4-150100.6.2.1","python3-cffi":"1.15.0-150000.4.11.2","python3-cryptography":"2.9.2-150100.7.8.2"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Performance Computing 15 SP1-LTSS","name":"python-bcrypt","purl":"pkg:rpm/suse/python-bcrypt&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.1.4-150100.6.2.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"python2-bcrypt":"3.1.4-150100.6.2.1","python2-cffi":"1.15.0-150000.4.11.2","python2-cryptography":"2.9.2-150100.7.8.2","python3-bcrypt":"3.1.4-150100.6.2.1","python3-cffi":"1.15.0-150000.4.11.2","python3-cryptography":"2.9.2-150100.7.8.2"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Performance Computing 15 SP1-LTSS","name":"python-cffi","purl":"pkg:rpm/suse/python-cffi&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.15.0-150000.4.11.2"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"python2-bcrypt":"3.1.4-150100.6.2.1","python2-cffi":"1.15.0-150000.4.11.2","python2-cryptography":"2.9.2-150100.7.8.2","python3-bcrypt":"3.1.4-150100.6.2.1","python3-cffi":"1.15.0-150000.4.11.2","python3-cryptography":"2.9.2-150100.7.8.2"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Performance Computing 15 SP1-LTSS","name":"python-cryptography","purl":"pkg:rpm/suse/python-cryptography&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.9.2-150100.7.8.2"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"python2-bcrypt":"3.1.4-150100.6.2.1","python2-cffi":"1.15.0-150000.4.11.2","python2-cryptography":"2.9.2-150100.7.8.2","python3-bcrypt":"3.1.4-150100.6.2.1","python3-cffi":"1.15.0-150000.4.11.2","python3-cryptography":"2.9.2-150100.7.8.2"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 15 SP1-BCL","name":"python-bcrypt","purl":"pkg:rpm/suse/python-bcrypt&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-BCL"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.1.4-150100.6.2.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"python2-bcrypt":"3.1.4-150100.6.2.1","python2-cffi":"1.15.0-150000.4.11.2","python2-cryptography":"2.9.2-150100.7.8.2","python3-bcrypt":"3.1.4-150100.6.2.1","python3-cffi":"1.15.0-150000.4.11.2","python3-cryptography":"2.9.2-150100.7.8.2"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 15 SP1-BCL","name":"python-cffi","purl":"pkg:rpm/suse/python-cffi&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-BCL"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.15.0-150000.4.11.2"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"python2-bcrypt":"3.1.4-150100.6.2.1","python2-cffi":"1.15.0-150000.4.11.2","python2-cryptography":"2.9.2-150100.7.8.2","python3-bcrypt":"3.1.4-150100.6.2.1","python3-cffi":"1.15.0-150000.4.11.2","python3-cryptography":"2.9.2-150100.7.8.2"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 15 SP1-BCL","name":"python-cryptography","purl":"pkg:rpm/suse/python-cryptography&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-BCL"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.9.2-150100.7.8.2"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"python2-bcrypt":"3.1.4-150100.6.2.1","python2-cffi":"1.15.0-150000.4.11.2","python2-cryptography":"2.9.2-150100.7.8.2","python3-bcrypt":"3.1.4-150100.6.2.1","python3-cffi":"1.15.0-150000.4.11.2","python3-cryptography":"2.9.2-150100.7.8.2"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 15 SP1-LTSS","name":"python-bcrypt","purl":"pkg:rpm/suse/python-bcrypt&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.1.4-150100.6.2.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"python2-bcrypt":"3.1.4-150100.6.2.1","python2-cffi":"1.15.0-150000.4.11.2","python2-cryptography":"2.9.2-150100.7.8.2","python3-bcrypt":"3.1.4-150100.6.2.1","python3-cffi":"1.15.0-150000.4.11.2","python3-cryptography":"2.9.2-150100.7.8.2"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 15 SP1-LTSS","name":"python-cffi","purl":"pkg:rpm/suse/python-cffi&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.15.0-150000.4.11.2"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"python2-bcrypt":"3.1.4-150100.6.2.1","python2-cffi":"1.15.0-150000.4.11.2","python2-cryptography":"2.9.2-150100.7.8.2","python3-bcrypt":"3.1.4-150100.6.2.1","python3-cffi":"1.15.0-150000.4.11.2","python3-cryptography":"2.9.2-150100.7.8.2"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 15 SP1-LTSS","name":"python-cryptography","purl":"pkg:rpm/suse/python-cryptography&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.9.2-150100.7.8.2"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"python2-bcrypt":"3.1.4-150100.6.2.1","python2-cffi":"1.15.0-150000.4.11.2","python2-cryptography":"2.9.2-150100.7.8.2","python3-bcrypt":"3.1.4-150100.6.2.1","python3-cffi":"1.15.0-150000.4.11.2","python3-cryptography":"2.9.2-150100.7.8.2"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 15 SP1","name":"python-bcrypt","purl":"pkg:rpm/suse/python-bcrypt&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.1.4-150100.6.2.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"python2-bcrypt":"3.1.4-150100.6.2.1","python2-cffi":"1.15.0-150000.4.11.2","python2-cryptography":"2.9.2-150100.7.8.2","python3-bcrypt":"3.1.4-150100.6.2.1","python3-cffi":"1.15.0-150000.4.11.2","python3-cryptography":"2.9.2-150100.7.8.2"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 15 SP1","name":"python-cffi","purl":"pkg:rpm/suse/python-cffi&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.15.0-150000.4.11.2"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"python2-bcrypt":"3.1.4-150100.6.2.1","python2-cffi":"1.15.0-150000.4.11.2","python2-cryptography":"2.9.2-150100.7.8.2","python3-bcrypt":"3.1.4-150100.6.2.1","python3-cffi":"1.15.0-150000.4.11.2","python3-cryptography":"2.9.2-150100.7.8.2"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 15 SP1","name":"python-cryptography","purl":"pkg:rpm/suse/python-cryptography&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.9.2-150100.7.8.2"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"python2-bcrypt":"3.1.4-150100.6.2.1","python2-cffi":"1.15.0-150000.4.11.2","python2-cryptography":"2.9.2-150100.7.8.2","python3-bcrypt":"3.1.4-150100.6.2.1","python3-cffi":"1.15.0-150000.4.11.2","python3-cryptography":"2.9.2-150100.7.8.2"}]},"package":{"ecosystem":"SUSE:Enterprise Storage 6","name":"python-bcrypt","purl":"pkg:rpm/suse/python-bcrypt&distro=SUSE%20Enterprise%20Storage%206"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.1.4-150100.6.2.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"python2-bcrypt":"3.1.4-150100.6.2.1","python2-cffi":"1.15.0-150000.4.11.2","python2-cryptography":"2.9.2-150100.7.8.2","python3-bcrypt":"3.1.4-150100.6.2.1","python3-cffi":"1.15.0-150000.4.11.2","python3-cryptography":"2.9.2-150100.7.8.2"}]},"package":{"ecosystem":"SUSE:Enterprise Storage 6","name":"python-cffi","purl":"pkg:rpm/suse/python-cffi&distro=SUSE%20Enterprise%20Storage%206"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.15.0-150000.4.11.2"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"python2-bcrypt":"3.1.4-150100.6.2.1","python2-cffi":"1.15.0-150000.4.11.2","python2-cryptography":"2.9.2-150100.7.8.2","python3-bcrypt":"3.1.4-150100.6.2.1","python3-cffi":"1.15.0-150000.4.11.2","python3-cryptography":"2.9.2-150100.7.8.2"}]},"package":{"ecosystem":"SUSE:Enterprise Storage 6","name":"python-cryptography","purl":"pkg:rpm/suse/python-cryptography&distro=SUSE%20Enterprise%20Storage%206"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.9.2-150100.7.8.2"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for python-crcmod, python-cryptography, python-cryptography-vectors contains the following fixes:\n\n\npython-cryptography:\n\n- Update in SLE-15 (bsc#1177083, jsc#PM-2730, jsc#SLE-18312)\n- Refresh patches for new version\n* Using the Fernet class to symmetrically encrypt multi gigabyte values. (bsc#1182066, CVE-2020-36242)\n    could result in an integer overflow and buffer overflow.\n\n- update to 2.9.2\n  * 2.9.2 - 2020-04-22\n    - Updated the macOS wheel to fix an issue where it would not run on macOS versions older than 10.15.\n  * 2.9.1 - 2020-04-21\n    - Updated Windows, macOS, and manylinux wheels to be compiled with OpenSSL 1.1.1g.\n  * 2.9 - 2020-04-02\n    - BACKWARDS INCOMPATIBLE: Support for Python 3.4 has been removed due to\n      low usage and maintenance burden.\n    - BACKWARDS INCOMPATIBLE: Support for OpenSSL 1.0.1 has been removed.\n      Users on older version of OpenSSL will need to upgrade.\n    - BACKWARDS INCOMPATIBLE: Support for LibreSSL 2.6.x has been removed.\n    - Removed support for calling public_bytes() with no arguments, as per \n      our deprecation policy. You must now pass encoding and format.\n    - BACKWARDS INCOMPATIBLE: Reversed the order in which rfc4514_string()\n      returns the RDNs as required by RFC 4514.\n    - Updated Windows, macOS, and manylinux wheels to be compiled with OpenSSL 1.1.1f.\n    - Added support for parsing single_extensions in an OCSP response.\n    - NameAttribute values can now be empty strings.\n\nChanges in python-cryptography-vectors:\n- Update in SLE-15 (bsc#1177083, jsc#PM-2730, jsc#SLE-18312)\n\n- update to 2.9.2:\n  * updated vectors for the cryptography 2.9.2 testing\n\n  ","id":"SUSE-RU-2022:4567-1","modified":"2022-12-19T12:59:33Z","published":"2022-12-19T12:59:33Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/-2022-4567/suse-ru-20224567-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1177083"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-36242"}],"related":["CVE-2020-36242"],"summary":"Recommended update for python-crcmod, python-cryptography, python-cryptography-vectors","upstream":["CVE-2020-36242"]}