MDVSA-2009:050-1
- Package name
- python-pycrypto
- Date
- 2009-02-23
- Advisory ID
- MDVSA-2009:050-1
- Affected versions
- 2009.0 x86_64 , 2009.0 i586
Problem description
A vulnerability have been discovered and corrected in PyCrypto
ARC2 module 2.0.1, which allows remote attackers to cause a denial
of service and possibly execute arbitrary code via a large ARC2 key
length (CVE-2009-0544).
The updated packages have been patched to prevent this.
Update:
The previous update package was not signed.
Updated packages
2009.0 x86_64
77071b620a3b193ddc50bcc7e60873be 2009.0/x86_64/python-pycrypto-2.0.1-4.2mdv2009.0.x86_64.rpm 610275bf3bcc33e324cc42ea1a1e0021 2009.0/SRPMS/python-pycrypto-2.0.1-4.2mdv2009.0.src.rpm
2009.0 i586
e50d00d0c1a180f214ba9ad5d712e4e4 2009.0/i586/python-pycrypto-2.0.1-4.2mdv2009.0.i586.rpm 610275bf3bcc33e324cc42ea1a1e0021 2009.0/SRPMS/python-pycrypto-2.0.1-4.2mdv2009.0.src.rpm