Re: [SECURITY] [DLA 1283-1] python-crypto security update

To: Brian May <bam@debian.org>, debian-lts@lists.debian.org, security@debian.org
Subject: Re: [SECURITY] [DLA 1283-1] python-crypto security update
From: Antoine Beaupré <anarcat@orangeseeds.org>
Date: Mon, 26 Mar 2018 10:57:59 -0400
Message-id: <[🔎] 87tvt2vq88.fsf@curie.anarc.at>
In-reply-to: <87lgfod5qw.fsf@prune.linuxpenguins.xyz>
References: <20180215073648.sfqwvisvthsxswta@prune.linuxpenguins.xyz> <87lgfod5qw.fsf@prune.linuxpenguins.xyz>

On 2018-02-20 07:33:27, Brian May wrote:
> Any comments? Where should we go from here?

I'm not sure. The security team marked that as "no-dsa (minor issue)"
for jessie and stretch, and fixed in pycryptodome 3.4.11-1... Couldn't
we reuse the fixes from cryptodome to get this working properly? Or is
this what you say breaks API compatibility?

Maybe we just let this one slide? It's not as if ElGamal was a very
popular algo, is it?

a.

-- 
Au nom de l'état, la force s'appelle droit.
Au main de l'individu, elle s'appelle crime.
                        - Max Stirner

Reply to:

Follow-Ups:
- Re: [SECURITY] [DLA 1283-1] python-crypto security update
  - From: Brian May <bam@debian.org>

Prev by Date: nVidia drivers for kernel 3.2.96-3 (3.0.2-5)
Next by Date: Re: Regarding microcode update
Previous by thread: Re: nVidia drivers for kernel 3.2.96-3 (3.0.2-5)
Next by thread: Re: [SECURITY] [DLA 1283-1] python-crypto security update
Index(es):
- Date
- Thread