Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CVE-2020-36242: Symmetrically encrypting large values can lead to integer overflow #84

Closed
piraz opened this issue Feb 13, 2021 · 0 comments
Closed

CVE-2020-36242: Symmetrically encrypting large values can lead to integer overflow #84

piraz opened this issue Feb 13, 2021 · 0 comments
Assignees
@piraz
Labels
security
Milestone
0.9.7

Comments

@piraz
Copy link

piraz commented Feb 13, 2021

Let's update cryptography to address this issue.

See:
@piraz piraz added the security label Feb 13, 2021
@piraz piraz added this to the 0.9.7 milestone Feb 13, 2021
@piraz piraz self-assigned this Feb 13, 2021
@piraz piraz mentioned this issue Feb 13, 2021
Closed
piraz added a commit to piraz/automatoes that referenced this issue Feb 20, 2021
@piraz
Set a diferent criptografy for python 3.5.
390515c 
Python 3.5 will continue exposed to Fixed CVE-2020-36242.

It is not recomented to keep on 3.5.

Fixes: candango#84
piraz added a commit to piraz/automatoes that referenced this issue Feb 20, 2021
@piraz
Add script to install cryptography to the build.
23d0cec 
Fixes: candango#84
@piraz piraz closed this as completed in d7cf06c Feb 20, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@piraz piraz

Labels
security
Projects
None yet
Milestone
0.9.7
Development

No branches or pull requests
1 participant
@piraz