- Issued:
- 2011-07-21
- Updated:
- 2011-07-21
RHBA-2011:1058 - Bug Fix Advisory
Synopsis
m2crypto bug fix update
Type/Severity
Bug Fix Advisory
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
An updated m2crypto package that fixes various bugs is now available for Red Hat
Enterprise Linux 5.
Description
m2crypto allows OpenSSL functions to be called from Python scripts.
This updated m2crypto package includes fixes for the following bugs:
- Prior to this update, the AES_crypt() function did not free a temporary
buffer. This caused a memory leak when the function was called repeatedly. This
problem has been fixed and the AES_crypt() function now frees memory correctly.
(BZ#659881)
- Previously, calling the m.2asn1_INTEGER_get() function resulted in an
incorrect numerical value for the serial number due to a data type mismatch. As
a consequence, the subscription-manager application displayed an error message
about the serial number being less than zero. Serial numbers are now handled
correctly and no error message appears. (BZ#703648)
All users of m2crypto are advised to upgrade to this updated package, which
resolves these bugs.
Solution
Before applying this update, make sure that all previously-released errata
relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use the Red Hat
Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259
Affected Products
- Red Hat Enterprise Linux Server 5 x86_64
- Red Hat Enterprise Linux Server 5 ia64
- Red Hat Enterprise Linux Server 5 i386
- Red Hat Enterprise Linux Workstation 5 x86_64
- Red Hat Enterprise Linux Workstation 5 i386
- Red Hat Enterprise Linux Desktop 5 x86_64
- Red Hat Enterprise Linux Desktop 5 i386
- Red Hat Enterprise Linux for IBM z Systems 5 s390x
- Red Hat Enterprise Linux for Power, big endian 5 ppc
- Red Hat Enterprise Linux Server from RHUI 5 x86_64
- Red Hat Enterprise Linux Server from RHUI 5 i386
Fixes
- BZ - 659881 - Memory leak in m2crypto-0.16/SWIG/_aes.i: AES_crypt
- BZ - 703648 - x509 certs can not have serial numbers larger than python int
CVEs
(none)
References
(none)
Red Hat Enterprise Linux Server 5
SRPM | |
---|---|
m2crypto-0.16-8.el5.src.rpm | SHA-256: 1e38804a28f2e89b8a18102ad388f84c3dec3226592fc3e3b3571846efd6121d |
x86_64 | |
m2crypto-0.16-8.el5.x86_64.rpm | SHA-256: 00a02517da6355afcf184535cb8616dfdecd51640dd51014dfb826594e769e9e |
ia64 | |
m2crypto-0.16-8.el5.ia64.rpm | SHA-256: 2592ea129251b6b8af3ed5b5cdcc23ccc6047b49dee3f78ea162ebeb8a4dfb94 |
i386 | |
m2crypto-0.16-8.el5.i386.rpm | SHA-256: a4b2427d622b0431d046a371cc89902293e31ef10f570c752c2dcbfd3441106b |
Red Hat Enterprise Linux Workstation 5
SRPM | |
---|---|
m2crypto-0.16-8.el5.src.rpm | SHA-256: 1e38804a28f2e89b8a18102ad388f84c3dec3226592fc3e3b3571846efd6121d |
x86_64 | |
m2crypto-0.16-8.el5.x86_64.rpm | SHA-256: 00a02517da6355afcf184535cb8616dfdecd51640dd51014dfb826594e769e9e |
i386 | |
m2crypto-0.16-8.el5.i386.rpm | SHA-256: a4b2427d622b0431d046a371cc89902293e31ef10f570c752c2dcbfd3441106b |
Red Hat Enterprise Linux Desktop 5
SRPM | |
---|---|
m2crypto-0.16-8.el5.src.rpm | SHA-256: 1e38804a28f2e89b8a18102ad388f84c3dec3226592fc3e3b3571846efd6121d |
x86_64 | |
m2crypto-0.16-8.el5.x86_64.rpm | SHA-256: 00a02517da6355afcf184535cb8616dfdecd51640dd51014dfb826594e769e9e |
i386 | |
m2crypto-0.16-8.el5.i386.rpm | SHA-256: a4b2427d622b0431d046a371cc89902293e31ef10f570c752c2dcbfd3441106b |
Red Hat Enterprise Linux for IBM z Systems 5
SRPM | |
---|---|
m2crypto-0.16-8.el5.src.rpm | SHA-256: 1e38804a28f2e89b8a18102ad388f84c3dec3226592fc3e3b3571846efd6121d |
s390x | |
m2crypto-0.16-8.el5.s390x.rpm | SHA-256: bcec0766ca552954435e6d6611e29446ed11b8bc5ee9bfb32e2a0b4a00952b52 |
Red Hat Enterprise Linux for Power, big endian 5
SRPM | |
---|---|
m2crypto-0.16-8.el5.src.rpm | SHA-256: 1e38804a28f2e89b8a18102ad388f84c3dec3226592fc3e3b3571846efd6121d |
ppc | |
m2crypto-0.16-8.el5.ppc.rpm | SHA-256: 2ad894525b792017d97724399bbf1e35c5ea75a222bdfdcc2671c34067ee165e |
Red Hat Enterprise Linux Server from RHUI 5
SRPM | |
---|---|
m2crypto-0.16-8.el5.src.rpm | SHA-256: 1e38804a28f2e89b8a18102ad388f84c3dec3226592fc3e3b3571846efd6121d |
x86_64 | |
m2crypto-0.16-8.el5.x86_64.rpm | SHA-256: 00a02517da6355afcf184535cb8616dfdecd51640dd51014dfb826594e769e9e |
i386 | |
m2crypto-0.16-8.el5.i386.rpm | SHA-256: a4b2427d622b0431d046a371cc89902293e31ef10f570c752c2dcbfd3441106b |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.