Explore top 10 tips to secure your open-source projects now. Read More
×
Several security issues were fixed in pyOpenSSL.
Software Description:
- pyopenssl: Python wrapper around the OpenSSL library
Details:
It was discovered that pyOpenSSL incorrectly handled memory when handling
X509 objects. A remote attacker could use this issue to cause pyOpenSSL to
crash, resulting in a denial of service, or possibly execute arbitrary
code. (CVE-2018-1000807)
It was discovered that pyOpenSSL incorrectly handled memory when performing
operations on a PKCS #12 store. A remote attacker could possibly use this
issue to cause pyOpenSSL to consume resources, resulting in a denial of
service. (CVE-2018-1000808)
The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 LTS: python-openssl 0.15.1-2ubuntu0.2 python3-openssl 0.15.1-2ubuntu0.2 In general, a standard system update will make all the necessary changes.
https://ubuntu.com/security/notices/USN-3813-1
CVE-2018-1000807, CVE-2018-1000808
Get the latest Linux and open source security news straight to your inbox.