Source: python-rsa Version: 4.0-4 Severity: important Tags: security upstream Forwarded: https://github.com/sybrenstuvel/python-rsa/issues/165 X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org> Control: found -1 4.0-2
Hi, The following vulnerability was published for python-rsa. CVE-2020-25658[0]: | It was found that python-rsa is vulnerable to Bleichenbacher timing | attacks. An attacker can use this flaw via the RSA decryption API to | decrypt parts of the cipher text encrypted with RSA. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2020-25658 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25658 [1] https://github.com/sybrenstuvel/python-rsa/issues/165 Regards, Salvatore
