m2crypto - Debian Package Tracker

general

source: m2crypto (main)
version: 0.37.1-2
maintainer: Sandro Tosi (DMD)
uploaders: Debian Python Team [DMD]
arch: all any
std-ver: 4.5.1
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 0.24.0-1.1
oldstable: 0.31.0-4+deb10u2
old-bpo: 0.31.0-6~bpo10+1
stable: 0.37.1-2
testing: 0.37.1-2
unstable: 0.37.1-2

versioned links

0.24.0-1.1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.31.0-4+deb10u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.31.0-6~bpo10+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.37.1-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

python-m2crypto-doc
python3-m2crypto

action needed

A new upstream version is available: 0.38.0 high

A new upstream version 0.38.0 is available, you should consider packaging it.

Created: 2021-06-18 Last update: 2021-09-22 21:01

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2020-25657: A flaw was found in all released versions of m2crypto, where they are vulnerable to Bleichenbacher timing attacks in the RSA decryption API via the timed processing of valid PKCS#1 v1.5 Ciphertext. The highest threat from this vulnerability is to confidentiality.

Created: 2021-02-19 Last update: 2021-08-15 00:00

1 security issue in bookworm high

There is 1 open security issue in bookworm.

1 important issue:

CVE-2020-25657: A flaw was found in all released versions of m2crypto, where they are vulnerable to Bleichenbacher timing attacks in the RSA decryption API via the timed processing of valid PKCS#1 v1.5 Ciphertext. The highest threat from this vulnerability is to confidentiality.

Created: 2021-08-15 Last update: 2021-08-15 00:00

lintian reports 1 warning normal

Lintian reports 1 warning about this package. You should make the package lintian clean getting rid of them.

Created: 2021-04-11 Last update: 2021-04-11 10:18

Multiarch hinter reports 1 issue(s) low

There are issues with the multiarch metadata for this package.

python-m2crypto-doc could be marked Multi-Arch: foreign

Created: 2018-05-07 Last update: 2021-09-22 18:02

1 low-priority security issue in buster low

There is 1 open security issue in buster.

1 issue left for the package maintainer to handle:

CVE-2020-25657: (needs triaging) A flaw was found in all released versions of m2crypto, where they are vulnerable to Bleichenbacher timing attacks in the RSA decryption API via the timed processing of valid PKCS#1 v1.5 Ciphertext. The highest threat from this vulnerability is to confidentiality.

You can find information about how to handle this issue in the security team's documentation.

Created: 2021-02-19 Last update: 2021-08-15 00:00

1 low-priority security issue in bullseye low

There is 1 open security issue in bullseye.

1 issue left for the package maintainer to handle:

CVE-2020-25657: (needs triaging) A flaw was found in all released versions of m2crypto, where they are vulnerable to Bleichenbacher timing attacks in the RSA decryption API via the timed processing of valid PKCS#1 v1.5 Ciphertext. The highest threat from this vulnerability is to confidentiality.

You can find information about how to handle this issue in the security team's documentation.

Created: 2021-08-14 Last update: 2021-08-15 00:00

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.6.0 instead of 4.5.1).

Created: 2021-08-18 Last update: 2021-08-18 14:02

testing migrations

This package will soon be part of the auto-openssl transition. You might want to ensure that your package is ready for it. You can probably find supplementary information in the debian-release archives or in the corresponding release.debian.org bug.

news

[rss feed]

[2021-03-19] Accepted m2crypto 0.31.0-4+deb10u2 (source) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Sebastian Andrzej Siewior)
[2021-03-04] m2crypto 0.37.1-2 MIGRATED to testing (Debian testing watch)
[2021-02-22] Accepted m2crypto 0.37.1-2 (source) into unstable (Sandro Tosi)
[2021-01-30] m2crypto 0.37.1-1 MIGRATED to testing (Debian testing watch)
[2021-01-30] m2crypto 0.37.1-1 MIGRATED to testing (Debian testing watch)
[2021-01-27] Accepted m2crypto 0.31.0-4+deb10u1 (source) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Sebastian Andrzej Siewior)
[2021-01-12] Accepted m2crypto 0.37.1-1 (source) into unstable (Sandro Tosi)
[2020-07-18] m2crypto 0.36.0-1 MIGRATED to testing (Debian testing watch)
[2020-07-16] Accepted m2crypto 0.36.0-1 (source) into unstable (Sandro Tosi)
[2020-05-06] Accepted m2crypto 0.35.2-2 (source all amd64) into unstable, unstable (Debian FTP Masters) (signed by: Sandro Tosi)
[2020-04-24] Accepted m2crypto 0.35.2-1 (source) into unstable (Sandro Tosi)
[2020-02-02] m2crypto 0.31.0-9 MIGRATED to testing (Debian testing watch)
[2020-01-31] Accepted m2crypto 0.31.0-9 (source) into unstable (Sandro Tosi)
[2019-11-24] m2crypto 0.31.0-8 MIGRATED to testing (Debian testing watch)
[2019-11-22] Accepted m2crypto 0.31.0-8 (source) into unstable (Sandro Tosi)
[2019-11-20] Accepted m2crypto 0.31.0-7 (source all amd64) into unstable (Daniel Stender)
[2019-10-01] Accepted m2crypto 0.31.0-6~bpo10+1 (source all amd64) into buster-backports, buster-backports (Daniel Stender)
[2019-08-21] m2crypto 0.31.0-6 MIGRATED to testing (Debian testing watch)
[2019-08-19] Accepted m2crypto 0.31.0-6 (source) into unstable (Daniel Stender)
[2019-08-12] Accepted m2crypto 0.31.0-5 (all source) into unstable, unstable (Daniel Stender)
[2019-06-16] m2crypto 0.31.0-4 MIGRATED to testing (Debian testing watch)
[2019-06-09] Accepted m2crypto 0.31.0-4 (all source) into unstable (Daniel Stender)
[2019-03-18] m2crypto 0.31.0-3 MIGRATED to testing (Debian testing watch)
[2019-03-11] Accepted m2crypto 0.31.0-3 (source all amd64) into unstable (Daniel Stender)
[2018-12-21] m2crypto 0.31.0-2 MIGRATED to testing (Debian testing watch)
[2018-12-19] Accepted m2crypto 0.31.0-2 (all source) into unstable (Daniel Stender)
[2018-11-13] m2crypto 0.31.0-1 MIGRATED to testing (Debian testing watch)
[2018-11-10] Accepted m2crypto 0.31.0-1 (source all amd64) into unstable (Daniel Stender)
[2018-11-02] Accepted m2crypto 0.30.1+git20181013.1576f1e-1 (source all amd64) into experimental (Daniel Stender)
[2018-05-09] m2crypto 0.27.0-6 MIGRATED to testing (Debian testing watch)

bugs [bug history graph]

all: 2
RC: 0
I&N: 2
M&W: 0
F&P: 0
patch: 0

links

homepage
lintian (0, 1)
buildd: logs, clang, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 0.37.1-1ubuntu3
5 bugs
patches for 0.37.1-1ubuntu3