MDVSA-2009:049-1
- Package name
- pycrypto
- Date
- 2009-02-23
- Advisory ID
- MDVSA-2009:049-1
- Affected versions
- 2009.0 x86_64 , 2008.0 i586 , 2009.0 i586 , CS4.0 i586 , 2008.0 x86_64 , CS4.0 x86_64 , 2008.1 x86_64 , 2008.1 i586
Problem description
A vulnerability have been discovered and corrected in PyCrypto
ARC2 module 2.0.1, which allows remote attackers to cause a denial
of service and possibly execute arbitrary code via a large ARC2 key
length (CVE-2009-0544).
The updated packages have been patched to prevent this.
Update:
The previous update package was not signed.
Updated packages
2009.0 x86_64
a9c40ff85f100eb526b0f0ae32f00847 2009.0/x86_64/pycrypto-2.0.1-3.2mdv2009.0.x86_64.rpm e62c0d3f5a3876e3b133f24e999ef43d 2009.0/SRPMS/pycrypto-2.0.1-3.2mdv2009.0.src.rpm
2008.0 i586
f31a0d508eafe731128deb0122796f94 2008.0/i586/pycrypto-2.0.1-1.2mdv2008.0.i586.rpm a68bc35174eb2087b91e96c21c78be75 2008.0/SRPMS/pycrypto-2.0.1-1.2mdv2008.0.src.rpm
2009.0 i586
b2336808c78f3fdd09f60897d0d35205 2009.0/i586/pycrypto-2.0.1-3.2mdv2009.0.i586.rpm e62c0d3f5a3876e3b133f24e999ef43d 2009.0/SRPMS/pycrypto-2.0.1-3.2mdv2009.0.src.rpm
CS4.0 i586
3b74a2633ca5b9375e56b28aad74f4c4 corporate/4.0/i586/pycrypto-2.0-1.2.20060mlcs4.i586.rpm ace401a029dbba1943e9549ddcd00964 corporate/4.0/SRPMS/pycrypto-2.0-1.2.20060mlcs4.src.rpm
2008.0 x86_64
39b1f6c3a2a4ab36884bc881550a9579 2008.0/x86_64/pycrypto-2.0.1-1.2mdv2008.0.x86_64.rpm a68bc35174eb2087b91e96c21c78be75 2008.0/SRPMS/pycrypto-2.0.1-1.2mdv2008.0.src.rpm
CS4.0 x86_64
ab3d0ef979d7812c7f8aeccf349e4c63 corporate/4.0/x86_64/pycrypto-2.0-1.2.20060mlcs4.x86_64.rpm ace401a029dbba1943e9549ddcd00964 corporate/4.0/SRPMS/pycrypto-2.0-1.2.20060mlcs4.src.rpm
2008.1 x86_64
92a147879e470d2b012e8cda9580eac0 2008.1/x86_64/pycrypto-2.0.1-2.2mdv2008.1.x86_64.rpm 5fc3117ec78f4cdbc0fb7231bd1cc28e 2008.1/SRPMS/pycrypto-2.0.1-2.2mdv2008.1.src.rpm
2008.1 i586
73f70b1c20aca5d03c631f70afaa6e47 2008.1/i586/pycrypto-2.0.1-2.2mdv2008.1.i586.rpm 5fc3117ec78f4cdbc0fb7231bd1cc28e 2008.1/SRPMS/pycrypto-2.0.1-2.2mdv2008.1.src.rpm