========================================================================== Ubuntu Security Notice USN-3199-3 August 28, 2017 python-crypto vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 12.04 ESM Summary: Programs using the Python Cryptography Toolkit could be made to crash or run programs if they receive specially crafted network traffic or other input. Software Description: - python-crypto: cryptographic algorithms and protocols for Python Details: USN-3199-1 fixed a vulnerability in Python Crypto. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: A It was discovered that the ALGnew function in block_templace.c in the A Python Cryptography Toolkit contained a heap-based buffer overflow A vulnerability. A remote attacker could use this flaw to execute A arbitrary code by using a crafted initialization vector parameter. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 12.04 ESM: A python-cryptoA A A A A A A A A A A A A A A A A A A 2.4.1-1ubuntu0.2 A python3-cryptoA A A A A A A A A A A A A A A A A A 2.4.1-1ubuntu0.2 In general, a standard system update will make all the necessary changes. References: A https://www.ubuntu.com/usn/usn-3199-3 A https://www.ubuntu.com/usn/usn-3199-1 A CVE-2013-7459