Bug 169146 - [PATCH] security/py-pycrypto: update to 2.6
Summary: [PATCH] security/py-pycrypto: update to 2.6
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Only Me
Assignee: Jason Helfman
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2012-06-16 09:50 UTC by koobs
Modified: 2012-06-25 17:10 UTC (History)
1 user (show)

See Also:

Attachments
py27-pycrypto-2.6.patch (5.72 KB, patch)
2012-06-16 09:50 UTC, koobs 		no flags Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description koobs 2012-06-16 09:50:12 UTC 
- Update to 2.6
- Update pkg-plist

PyCrypto SelfTest clean: Ran 1064 tests in 10.742s - OK

Changes: https://github.com/dlitz/pycrypto/blob/v2.6/ChangeLog

Port maintainer (k@stereochro.me) is cc'd.

Generated with FreeBSD Port Tools 0.99_6 (mode: update, diff: ports)
Comment 1 Edwin Groothuis freebsd_committer freebsd_triage 2012-06-16 17:21:10 UTC 
Responsible Changed
From-To: freebsd-ports-bugs->freebsd-python

freebsd-python@ wants this port PRs (via the GNATS Auto Assign Tool)
Comment 2 Edwin Groothuis freebsd_committer freebsd_triage 2012-06-16 17:21:14 UTC 
Maintainer of security/py-pycrypto,

Please note that PR ports/169146 has just been submitted.

If it contains a patch for an upgrade, an enhancement or a bug fix
you agree on, reply to this email stating that you approve the patch
and a committer will take care of it.

The full text of the PR can be found at:
    http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/169146

-- 
Edwin Groothuis via the GNATS Auto Assign Tool
edwin@FreeBSD.org
Comment 3 Edwin Groothuis freebsd_committer freebsd_triage 2012-06-16 17:21:16 UTC 
State Changed
From-To: open->feedback

Awaiting maintainers feedback (via the GNATS Auto Assign Tool)
Comment 4 Jason Helfman freebsd_committer freebsd_triage 2012-06-16 20:27:25 UTC 
Responsible Changed
From-To: freebsd-python->jgh

I'll take it.
Comment 5 koobs 2012-06-24 22:48:54 UTC 
Just noticed there's a CVE out that is addressed by this PR's version:

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2012-2417

@eadler mentioned VuXML would be appropriate here
Comment 6 Jason Helfman freebsd_committer freebsd_triage 2012-06-25 17:04:16 UTC 
State Changed
From-To: feedback->open

portmgr approves commit, per open cve against current version in tree
Comment 7 dfilter service freebsd_committer freebsd_triage 2012-06-25 17:06:57 UTC 
jgh         2012-06-25 16:06:47 UTC

  FreeBSD ports repository

  Modified files:
    security/vuxml       vuln.xml 
    security/py-pycrypto Makefile distinfo pkg-plist 
  Log:
  - update to 2.6
  
  PyCrypto before 2.6 does not produce appropriate prime numbers when using an ElGamal
  scheme to generate a key, which reduces the signature space or public key space and
  makes it easier for attackers to conduct brute force attacks to obtain the private key.
  
  PR:     ports/169146
  Approved by:    portmgr
  
  Revision  Changes    Path
  1.21      +2 -1      ports/security/py-pycrypto/Makefile
  1.13      +2 -2      ports/security/py-pycrypto/distinfo
  1.8       +41 -14    ports/security/py-pycrypto/pkg-plist
  1.2745    +41 -1     ports/security/vuxml/vuln.xml
_______________________________________________
cvs-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/cvs-all
To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
Comment 8 Jason Helfman freebsd_committer freebsd_triage 2012-06-25 17:07:08 UTC 
State Changed
From-To: open->closed

Committed. Thanks!