- Issued:
- 2011-01-13
- Updated:
- 2011-01-13
RHBA-2011:0019 - Bug Fix Advisory
Synopsis
m2crypto bug fix and enhancement update
Type/Severity
Bug Fix Advisory
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
An updated m2crypto package that fixes some bugs and provides an enhancement is
now available for Red Hat Enterprise Linux 5.
Description
m2crypto is a Python wrapper for OpenSSL. It makes it possible to call OpenSSL
functions from Python scripts.
This updated m2crypto package fixes the following bugs:
- Example scripts used "/usr/bin/env python" as the script interpreter path.
With this update, the example scripts use "/usr/bin/python" as the script
interpreter path to make sure the scripts are executed by the system Python
interpreter, not a locally built interpreter. (BZ#521887)
- When a M2Crypto.SSL.Connection object was created without setting up a
connection, an SSL object was allocated and never freed. Over time, this could
result in a significant memory leak. This update ensures the memory is
correctly deallocated. (BZ#660292)
In addition, this updated package provides the following enhancement:
- Previously, m2crypto did not allow users to override the certificate hostname
checks performed by default. With this update, users can disable the hostname
checks. (BZ#524855)
Users are advised to upgrade to this updated m2crypto package, which resolves
these issues and adds this enhancement.
Solution
Before applying this update, make sure that all previously-released errata
relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use the Red Hat
Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259
Affected Products
- Red Hat Enterprise Linux Server 5 x86_64
- Red Hat Enterprise Linux Server 5 ia64
- Red Hat Enterprise Linux Server 5 i386
- Red Hat Enterprise Linux Workstation 5 x86_64
- Red Hat Enterprise Linux Workstation 5 i386
- Red Hat Enterprise Linux Desktop 5 x86_64
- Red Hat Enterprise Linux Desktop 5 i386
- Red Hat Enterprise Linux for IBM z Systems 5 s390x
- Red Hat Enterprise Linux for Power, big endian 5 ppc
- Red Hat Enterprise Linux Server from RHUI 5 x86_64
- Red Hat Enterprise Linux Server from RHUI 5 i386
Fixes
- BZ - 521887 - Fix instances of #!/usr/bin/env python in m2crypto
- BZ - 660292 - memory leak in the attached script
- BZ - 668642 - m2crypto upgrade path from 5.5.z broken
CVEs
(none)
References
(none)
Red Hat Enterprise Linux Server 5
SRPM | |
---|---|
m2crypto-0.16-7.el5.src.rpm | SHA-256: e65329fd67efcfb7f8f76a204851ea55923ff1ecb8a47e413dfcb23c062a80a4 |
x86_64 | |
m2crypto-0.16-7.el5.x86_64.rpm | SHA-256: aff871146410dfe0a37475ecb9601820c1df2d7fb32e44b29c879b27b619a747 |
ia64 | |
m2crypto-0.16-7.el5.ia64.rpm | SHA-256: bfd9962ff8c7b3590384353094acd10fb25de646f3f64cdd8514ace48c9a93dd |
i386 | |
m2crypto-0.16-7.el5.i386.rpm | SHA-256: 2786c28cc485d61c5100796c0dc00f51383e1d41c1169ed6c6952c2a497f464e |
Red Hat Enterprise Linux Workstation 5
SRPM | |
---|---|
m2crypto-0.16-7.el5.src.rpm | SHA-256: e65329fd67efcfb7f8f76a204851ea55923ff1ecb8a47e413dfcb23c062a80a4 |
x86_64 | |
m2crypto-0.16-7.el5.x86_64.rpm | SHA-256: aff871146410dfe0a37475ecb9601820c1df2d7fb32e44b29c879b27b619a747 |
i386 | |
m2crypto-0.16-7.el5.i386.rpm | SHA-256: 2786c28cc485d61c5100796c0dc00f51383e1d41c1169ed6c6952c2a497f464e |
Red Hat Enterprise Linux Desktop 5
SRPM | |
---|---|
m2crypto-0.16-7.el5.src.rpm | SHA-256: e65329fd67efcfb7f8f76a204851ea55923ff1ecb8a47e413dfcb23c062a80a4 |
x86_64 | |
m2crypto-0.16-7.el5.x86_64.rpm | SHA-256: aff871146410dfe0a37475ecb9601820c1df2d7fb32e44b29c879b27b619a747 |
i386 | |
m2crypto-0.16-7.el5.i386.rpm | SHA-256: 2786c28cc485d61c5100796c0dc00f51383e1d41c1169ed6c6952c2a497f464e |
Red Hat Enterprise Linux for IBM z Systems 5
SRPM | |
---|---|
m2crypto-0.16-7.el5.src.rpm | SHA-256: e65329fd67efcfb7f8f76a204851ea55923ff1ecb8a47e413dfcb23c062a80a4 |
s390x | |
m2crypto-0.16-7.el5.s390x.rpm | SHA-256: ae58316e34952561313c2eb968f188bcfcb62e5ccaa6effe08b5e9ee4fb87e86 |
Red Hat Enterprise Linux for Power, big endian 5
SRPM | |
---|---|
m2crypto-0.16-7.el5.src.rpm | SHA-256: e65329fd67efcfb7f8f76a204851ea55923ff1ecb8a47e413dfcb23c062a80a4 |
ppc | |
m2crypto-0.16-7.el5.ppc.rpm | SHA-256: 2ffe69b33e4207dd29d10fb0fc3d69df4a8ed7e723261c57a135662841770672 |
Red Hat Enterprise Linux Server from RHUI 5
SRPM | |
---|---|
m2crypto-0.16-7.el5.src.rpm | SHA-256: e65329fd67efcfb7f8f76a204851ea55923ff1ecb8a47e413dfcb23c062a80a4 |
x86_64 | |
m2crypto-0.16-7.el5.x86_64.rpm | SHA-256: aff871146410dfe0a37475ecb9601820c1df2d7fb32e44b29c879b27b619a747 |
i386 | |
m2crypto-0.16-7.el5.i386.rpm | SHA-256: 2786c28cc485d61c5100796c0dc00f51383e1d41c1169ed6c6952c2a497f464e |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.