Package name
python-pycrypto
Date
2009-02-23
Advisory ID
MDVSA-2009:050-1
Affected versions
2009.0 x86_64 , 2009.0 i586

Problem description

A vulnerability have been discovered and corrected in PyCrypto
ARC2 module 2.0.1, which allows remote attackers to cause a denial
of service and possibly execute arbitrary code via a large ARC2 key
length (CVE-2009-0544).

The updated packages have been patched to prevent this.

Update:

The previous update package was not signed.

Updated packages

2009.0 x86_64

 77071b620a3b193ddc50bcc7e60873be  2009.0/x86_64/python-pycrypto-2.0.1-4.2mdv2009.0.x86_64.rpm 
 610275bf3bcc33e324cc42ea1a1e0021  2009.0/SRPMS/python-pycrypto-2.0.1-4.2mdv2009.0.src.rpm

2009.0 i586

 e50d00d0c1a180f214ba9ad5d712e4e4  2009.0/i586/python-pycrypto-2.0.1-4.2mdv2009.0.i586.rpm 
 610275bf3bcc33e324cc42ea1a1e0021  2009.0/SRPMS/python-pycrypto-2.0.1-4.2mdv2009.0.src.rpm

References