Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

correct buffer overflows cause by integer overflow in openssl #5747

Merged
merged 3 commits into from Feb 7, 2021
Merged

correct buffer overflows cause by integer overflow in openssl #5747

merged 3 commits into from Feb 7, 2021

Conversation

alex
Copy link
Member

@alex alex commented Feb 7, 2021

frustratingly, there is no test for this -- that's because testing this
requires allocating more memory than is available in CI.

fixes #5615.

@alex
correct buffer overflows cause by integer overflow in openssl
fae28c1 
frustratingly, there is no test for this -- that's because testing this
requires allocating more memory than is available in CI.

fixes pyca#5615.
@alex
backport CI fixes
59eb8dc
@alex
another CI backport
33f288e
@reaperhulk reaperhulk merged commit 82b6ce2 into pyca:3.3.x Feb 7, 2021
@alex alex deleted the fix-integer-overflow branch February 7, 2021 16:37
This was referenced Mar 6, 2021
Merged
Closed
Closed
Open
Open
Closed
Open
Open
Closed
Closed
Open
Open
Closed
Open
Merged
Open
Closed
Closed
Closed
Open
Closed
Merged
Merged
Open
This was referenced Mar 17, 2021
Merged
Open
Open
Open
Closed
Open
Merged
Open
Closed
Closed
Closed
Open
Open
Merged
Merged
Closed
Merged
Merged
Open
Merged
Open
Merged
Open
Open
Closed
halstead pushed a commit to openembedded/meta-openembedded that referenced this pull request May 26, 2022
@shr-project @akuster
python3-cryptography: backport 3 changes to fix CVE-2020-36242
717e5e9 
* backport the actual code change from
  pyca/cryptography#5747
  without the docs and CI changes (which aren't applicable on old 2.8
  version) and backport 2 older changes to make this fix applicable
  on 2.8.

Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
halstead pushed a commit to openembedded/meta-openembedded that referenced this pull request May 26, 2022
@shr-project @akuster
python3-cryptography: backport 3 changes to fix CVE-2020-36242
b99a386 
* backport the actual code change from
  pyca/cryptography#5747
  without the docs and CI changes (which aren't applicable on old 2.8
  version) and backport 2 older changes to make this fix applicable
  on 2.8.

Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
jpuhlman pushed a commit to MontaVista-OpenSourceTechnology/meta-openembedded that referenced this pull request Jun 3, 2022
@shr-project @jpuhlman
python3-cryptography: backport 3 changes to fix CVE-2020-36242
a64896a 
Source: meta-openembedded
MR: 118244
Type: Integration
Disposition: Merged from meta-openembedded
ChangeID: b99a386
Description:

* backport the actual code change from
  pyca/cryptography#5747
  without the docs and CI changes (which aren't applicable on old 2.8
  version) and backport 2 older changes to make this fix applicable
  on 2.8.

Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Jeremy A. Puhlman <jpuhlman@mvista.com>
hyunjae92-shin pushed a commit to webosose/meta-webosose that referenced this pull request Jun 29, 2022
@shr-project
python3-cryptography: backport 3 changes to fix CVE-2020-36242
ed96ecf 
:Release Notes:
This is only temporary until
https://lists.openembedded.org/g/openembedded-devel/message/97027
is merged in dunfell.

:Detailed Notes:
backport the actual code change from:
  pyca/cryptography#5747
  without the docs and CI changes (which aren't applicable on old 2.8
  version) and backport 2 older changes to make this fix applicable
  on 2.8.

:Testing Performed:
Only build tested.

:QA Notes:
No change to image.

:Issues Addressed:
[WRO-4101] CCC: Various build fixes

Change-Id: Ida324c8dcf8a738372da3ab7a3378c459ed27803
hyunjae92-shin pushed a commit to webosose/meta-webosose that referenced this pull request Jun 30, 2022
@shr-project
python3-cryptography: backport 3 changes to fix CVE-2020-36242
7c29079 
:Release Notes:
This is only temporary until
https://lists.openembedded.org/g/openembedded-devel/message/97027
is merged in dunfell.

:Detailed Notes:
backport the actual code change from:
  pyca/cryptography#5747
  without the docs and CI changes (which aren't applicable on old 2.8
  version) and backport 2 older changes to make this fix applicable
  on 2.8.

:Testing Performed:
Only build tested.

:QA Notes:
No change to image.

:Issues Addressed:
[WRO-4101] CCC: Various build fixes

Change-Id: Ida324c8dcf8a738372da3ab7a3378c459ed27803
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@reaperhulk reaperhulk reaperhulk approved these changes

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@alex @reaperhulk