Recommended update for python-crcmod, python-cryptography, python-cryptography-vectors

Announcement ID: SUSE-RU-2022:4567-1
Rating: critical
References:
Affected Products:
  • Public Cloud Module 15-SP1
  • SUSE CaaS Platform 4.0
  • SUSE Enterprise Storage 6
  • SUSE Linux Enterprise High Performance Computing 15 SP1
  • SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1
  • SUSE Linux Enterprise Server 15 SP1
  • SUSE Linux Enterprise Server 15 SP1 Business Critical Linux 15-SP1
  • SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1
  • SUSE Linux Enterprise Server for SAP Applications 15 SP1
  • SUSE Manager Proxy 4.0
  • SUSE Manager Retail Branch Server 4.0
  • SUSE Manager Server 4.0

An update that contains four features and has one fix can now be installed.

Description:

This update for python-crcmod, python-cryptography, python-cryptography-vectors contains the following fixes:

python-cryptography:

  • Update in SLE-15 (bsc#1177083, jsc#PM-2730, jsc#SLE-18312)
  • Refresh patches for new version

  • Using the Fernet class to symmetrically encrypt multi gigabyte values. (bsc#1182066, CVE-2020-36242) could result in an integer overflow and buffer overflow.

  • update to 2.9.2

  • 2.9.2 - 2020-04-22
    • Updated the macOS wheel to fix an issue where it would not run on macOS versions older than 10.15.
  • 2.9.1 - 2020-04-21
    • Updated Windows, macOS, and manylinux wheels to be compiled with OpenSSL 1.1.1g.
  • 2.9 - 2020-04-02
    • BACKWARDS INCOMPATIBLE: Support for Python 3.4 has been removed due to low usage and maintenance burden.
    • BACKWARDS INCOMPATIBLE: Support for OpenSSL 1.0.1 has been removed. Users on older version of OpenSSL will need to upgrade.
    • BACKWARDS INCOMPATIBLE: Support for LibreSSL 2.6.x has been removed.
    • Removed support for calling public_bytes() with no arguments, as per our deprecation policy. You must now pass encoding and format.
    • BACKWARDS INCOMPATIBLE: Reversed the order in which rfc4514_string() returns the RDNs as required by RFC 4514.
    • Updated Windows, macOS, and manylinux wheels to be compiled with OpenSSL 1.1.1f.
    • Added support for parsing single_extensions in an OCSP response.
    • NameAttribute values can now be empty strings.

Changes in python-cryptography-vectors: - Update in SLE-15 (bsc#1177083, jsc#PM-2730, jsc#SLE-18312)

  • update to 2.9.2:
  • updated vectors for the cryptography 2.9.2 testing

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  • Public Cloud Module 15-SP1
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP1-2022-4567=1
  • SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-4567=1
  • SUSE Linux Enterprise Server 15 SP1 Business Critical Linux 15-SP1
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-4567=1
  • SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-4567=1
  • SUSE Linux Enterprise Server for SAP Applications 15 SP1
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-4567=1
  • SUSE Enterprise Storage 6
    zypper in -t patch SUSE-Storage-6-2022-4567=1
  • SUSE CaaS Platform 4.0
    To install this update, use the SUSE CaaS Platform 'skuba' tool. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way.

Package List:

  • Public Cloud Module 15-SP1 (noarch)
    • python2-cryptography-vectors-2.9.2-150000.3.7.1
  • SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 (aarch64 x86_64)
    • python-bcrypt-debuginfo-3.1.4-150100.6.2.1
    • python3-bcrypt-3.1.4-150100.6.2.1
    • python-cffi-debugsource-1.15.0-150000.4.11.2
    • python2-bcrypt-debuginfo-3.1.4-150100.6.2.1
    • python2-cryptography-2.9.2-150100.7.8.2
    • python3-cffi-debuginfo-1.15.0-150000.4.11.2
    • python2-cffi-1.15.0-150000.4.11.2
    • python2-cryptography-debuginfo-2.9.2-150100.7.8.2
    • python2-cffi-debuginfo-1.15.0-150000.4.11.2
    • python3-bcrypt-debuginfo-3.1.4-150100.6.2.1
    • python-cryptography-debuginfo-2.9.2-150100.7.8.2
    • python-cffi-debuginfo-1.15.0-150000.4.11.2
    • python-bcrypt-debugsource-3.1.4-150100.6.2.1
    • python3-cryptography-2.9.2-150100.7.8.2
    • python2-bcrypt-3.1.4-150100.6.2.1
    • python-cryptography-debugsource-2.9.2-150100.7.8.2
    • python3-cryptography-debuginfo-2.9.2-150100.7.8.2
    • python3-cffi-1.15.0-150000.4.11.2
  • SUSE Linux Enterprise Server 15 SP1 Business Critical Linux 15-SP1 (x86_64)
    • python-bcrypt-debuginfo-3.1.4-150100.6.2.1
    • python3-bcrypt-3.1.4-150100.6.2.1
    • python-cffi-debugsource-1.15.0-150000.4.11.2
    • python2-bcrypt-debuginfo-3.1.4-150100.6.2.1
    • python2-cryptography-2.9.2-150100.7.8.2
    • python3-cffi-debuginfo-1.15.0-150000.4.11.2
    • python2-cffi-1.15.0-150000.4.11.2
    • python2-cryptography-debuginfo-2.9.2-150100.7.8.2
    • python2-cffi-debuginfo-1.15.0-150000.4.11.2
    • python3-bcrypt-debuginfo-3.1.4-150100.6.2.1
    • python-cryptography-debuginfo-2.9.2-150100.7.8.2
    • python-cffi-debuginfo-1.15.0-150000.4.11.2
    • python-bcrypt-debugsource-3.1.4-150100.6.2.1
    • python3-cryptography-2.9.2-150100.7.8.2
    • python2-bcrypt-3.1.4-150100.6.2.1
    • python-cryptography-debugsource-2.9.2-150100.7.8.2
    • python3-cryptography-debuginfo-2.9.2-150100.7.8.2
    • python3-cffi-1.15.0-150000.4.11.2
  • SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (aarch64 ppc64le s390x x86_64)
    • python-bcrypt-debuginfo-3.1.4-150100.6.2.1
    • python3-bcrypt-3.1.4-150100.6.2.1
    • python-cffi-debugsource-1.15.0-150000.4.11.2
    • python2-bcrypt-debuginfo-3.1.4-150100.6.2.1
    • python2-cryptography-2.9.2-150100.7.8.2
    • python3-cffi-debuginfo-1.15.0-150000.4.11.2
    • python2-cffi-1.15.0-150000.4.11.2
    • python2-cryptography-debuginfo-2.9.2-150100.7.8.2
    • python2-cffi-debuginfo-1.15.0-150000.4.11.2
    • python3-bcrypt-debuginfo-3.1.4-150100.6.2.1
    • python-cryptography-debuginfo-2.9.2-150100.7.8.2
    • python-cffi-debuginfo-1.15.0-150000.4.11.2
    • python-bcrypt-debugsource-3.1.4-150100.6.2.1
    • python3-cryptography-2.9.2-150100.7.8.2
    • python2-bcrypt-3.1.4-150100.6.2.1
    • python-cryptography-debugsource-2.9.2-150100.7.8.2
    • python3-cryptography-debuginfo-2.9.2-150100.7.8.2
    • python3-cffi-1.15.0-150000.4.11.2
  • SUSE Linux Enterprise Server for SAP Applications 15 SP1 (ppc64le x86_64)
    • python-bcrypt-debuginfo-3.1.4-150100.6.2.1
    • python3-bcrypt-3.1.4-150100.6.2.1
    • python-cffi-debugsource-1.15.0-150000.4.11.2
    • python2-bcrypt-debuginfo-3.1.4-150100.6.2.1
    • python2-cryptography-2.9.2-150100.7.8.2
    • python3-cffi-debuginfo-1.15.0-150000.4.11.2
    • python2-cffi-1.15.0-150000.4.11.2
    • python2-cryptography-debuginfo-2.9.2-150100.7.8.2
    • python2-cffi-debuginfo-1.15.0-150000.4.11.2
    • python3-bcrypt-debuginfo-3.1.4-150100.6.2.1
    • python-cryptography-debuginfo-2.9.2-150100.7.8.2
    • python-cffi-debuginfo-1.15.0-150000.4.11.2
    • python-bcrypt-debugsource-3.1.4-150100.6.2.1
    • python3-cryptography-2.9.2-150100.7.8.2
    • python2-bcrypt-3.1.4-150100.6.2.1
    • python-cryptography-debugsource-2.9.2-150100.7.8.2
    • python3-cryptography-debuginfo-2.9.2-150100.7.8.2
    • python3-cffi-1.15.0-150000.4.11.2
  • SUSE Enterprise Storage 6 (aarch64 x86_64)
    • python-bcrypt-debuginfo-3.1.4-150100.6.2.1
    • python3-bcrypt-3.1.4-150100.6.2.1
    • python-cffi-debugsource-1.15.0-150000.4.11.2
    • python2-bcrypt-debuginfo-3.1.4-150100.6.2.1
    • python2-cryptography-2.9.2-150100.7.8.2
    • python3-cffi-debuginfo-1.15.0-150000.4.11.2
    • python2-cffi-1.15.0-150000.4.11.2
    • python2-cryptography-debuginfo-2.9.2-150100.7.8.2
    • python2-cffi-debuginfo-1.15.0-150000.4.11.2
    • python3-bcrypt-debuginfo-3.1.4-150100.6.2.1
    • python-cryptography-debuginfo-2.9.2-150100.7.8.2
    • python-cffi-debuginfo-1.15.0-150000.4.11.2
    • python-bcrypt-debugsource-3.1.4-150100.6.2.1
    • python3-cryptography-2.9.2-150100.7.8.2
    • python2-bcrypt-3.1.4-150100.6.2.1
    • python-cryptography-debugsource-2.9.2-150100.7.8.2
    • python3-cryptography-debuginfo-2.9.2-150100.7.8.2
    • python3-cffi-1.15.0-150000.4.11.2
  • SUSE CaaS Platform 4.0 (x86_64)
    • python-bcrypt-debuginfo-3.1.4-150100.6.2.1
    • python3-bcrypt-3.1.4-150100.6.2.1
    • python-cffi-debugsource-1.15.0-150000.4.11.2
    • python2-bcrypt-debuginfo-3.1.4-150100.6.2.1
    • python2-cryptography-2.9.2-150100.7.8.2
    • python3-cffi-debuginfo-1.15.0-150000.4.11.2
    • python2-cffi-1.15.0-150000.4.11.2
    • python2-cryptography-debuginfo-2.9.2-150100.7.8.2
    • python2-cffi-debuginfo-1.15.0-150000.4.11.2
    • python3-bcrypt-debuginfo-3.1.4-150100.6.2.1
    • python-cryptography-debuginfo-2.9.2-150100.7.8.2
    • python-cffi-debuginfo-1.15.0-150000.4.11.2
    • python-bcrypt-debugsource-3.1.4-150100.6.2.1
    • python3-cryptography-2.9.2-150100.7.8.2
    • python2-bcrypt-3.1.4-150100.6.2.1
    • python-cryptography-debugsource-2.9.2-150100.7.8.2
    • python3-cryptography-debuginfo-2.9.2-150100.7.8.2
    • python3-cffi-1.15.0-150000.4.11.2

References: