{"update": {"autokarma": false, "autotime": false, "stable_karma": 3, "stable_days": 0, "unstable_karma": -1, "require_bugs": false, "require_testcases": true, "display_name": "", "notes": "The textbook ElGamal implementation is not secure. PyCrypto and some other implementations use the wrong algorithm, which may lead to some information disclosure simply by looking at the encrypted text. For a full description, see https://github.com/dlitz/pycrypto/issues/253\n\nThis update includes a fix for this problem backported from pycryptodome.", "type": "security", "status": "stable", "request": null, "severity": "low", "suggest": "unspecified", "locked": false, "pushed": true, "critpath": false, "critpath_groups": null, "close_bugs": true, "date_submitted": "2018-02-23 17:43:40", "date_modified": null, "date_approved": null, "date_testing": "2018-02-24 20:32:02", "date_stable": "2018-02-27 17:16:42", "alias": "FEDORA-2018-913c225b49", "test_gating_status": "passed", "from_tag": null, "date_pushed": "2018-02-27 17:16:42", "meets_testing_requirements": true, "url": "https://bodhi.stg.fedoraproject.org/updates/FEDORA-2018-913c225b49", "title": "python-crypto-2.6.1-22.fc27", "version_hash": "2fc2398a62317a17bf7d26e5e3f18e80fc01c65a", "release": {"name": "F27", "long_name": "Fedora 27", "version": "27", "id_prefix": "FEDORA", "branch": "f27", "dist_tag": "f27", "stable_tag": "f27-updates", "testing_tag": "f27-updates-testing", "candidate_tag": "f27-updates-candidate", "pending_signing_tag": "f27-signing-pending", "pending_testing_tag": "f27-updates-testing-pending", "pending_stable_tag": "f27-updates-pending", "override_tag": "f27-override", "mail_template": "fedora_errata_template", "state": "archived", "composed_by_bodhi": true, "create_automatic_updates": null, "package_manager": "dnf", "testing_repository": "updates-testing", "released_on": null, "eol": null, "critpath_mandatory_days_in_testing": 14, "mandatory_days_in_testing": 7, "critpath_min_karma": 2, "min_karma": 1, "setting_status": null}, "user": {"name": "pghmcfc", "email": "paul@city-fan.org", "id": 165, "avatar": "https://seccdn.libravatar.org/avatar/e6d92d9d894db58d2c7e8c1a627b669f062f35ef31fdaa8d8c7b57068b2416e1?s=24&d=retro", "openid": "pghmcfc.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "perl-maint-sig"}]}, "comments": [{"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for testing by pghmcfc. ", "timestamp": "2018-02-23 17:43:40", "update_id": 108046, "user_id": 91, "id": 735376, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to testing.", "timestamp": "2018-02-24 20:33:32", "update_id": 108046, "user_id": 91, "id": 735648, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 1, "karma_critpath": 0, "text": "no regressions noted", "timestamp": "2018-02-25 02:11:09", "update_id": 108046, "user_id": 124, "id": 735772, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "filiperosset", "email": "rosset.filipe@gmail.com", "id": 124, "avatar": "https://seccdn.libravatar.org/avatar/f4394b8fb4c9a99c4b534dc724912fe75a5b87fe15048985ece8388c2441d0ca?s=24&d=retro", "openid": "filiperosset.id.stg.fedoraproject.org", "groups": [{"name": "proventesters"}, {"name": "provenpackager"}, {"name": "packager"}, {"name": "trust admins"}, {"name": "signed_fpca"}, {"name": "fedora-contributor"}, {"name": "l10n"}, {"name": "cvsl10n"}, {"name": "ipausers"}, {"name": "fedora-br"}, {"name": "fedorabugs"}, {"name": "ambassadors"}]}}, {"karma": 1, "karma_critpath": 0, "text": "Working for me.", "timestamp": "2018-02-26 12:56:05", "update_id": 108046, "user_id": 536, "id": 736088, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "mhayden", "email": "mhayden@redhat.com", "id": 536, "avatar": "https://seccdn.libravatar.org/avatar/9f9c7ca41ea68469600931af4193d0dc1dcb47d3cdbd481fa39fbaae417f4f2f?s=24&d=retro", "openid": "mhayden.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "gitfedora-security-team"}, {"name": "aws-fedora-ci"}, {"name": "cloud-sig"}, {"name": "rhel-lightspeed"}]}}, {"karma": 1, "karma_critpath": 0, "text": "works for me", "timestamp": "2018-02-26 17:08:53", "update_id": 108046, "user_id": 739, "id": 736200, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "cserpentis", "email": "cserpentis@gmail.com", "id": 739, "avatar": "https://seccdn.libravatar.org/avatar/a3febfef42f58ed535f3c3a3cf9743653cd774dbb6e4554e2ce7c847d9802b6c?s=24&d=retro", "openid": "cserpentis.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}, {"karma": 0, "karma_critpath": 0, "text": "This update has reached the stable karma threshold and can be pushed to stable now if the maintainer wishes.", "timestamp": "2018-02-26 18:00:20", "update_id": 108046, "user_id": 91, "id": 736237, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for batched by pghmcfc. ", "timestamp": "2018-02-26 19:21:46", "update_id": 108046, "user_id": 91, "id": 736267, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 1, "karma_critpath": 0, "text": "works", "timestamp": "2018-02-26 20:24:04", "update_id": 108046, "user_id": 3025, "id": 736303, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "danniel", "email": "daniellarasouza@yahoo.com.br", "id": 3025, "avatar": "https://seccdn.libravatar.org/avatar/88ab711305bc0f0168945ac5782b8eebcbcd33eb7cdac2a793465b5741b087f8?s=24&d=retro", "openid": "danniel.id.stg.fedoraproject.org", "groups": [{"name": "packager"}]}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for stable by bodhi. ", "timestamp": "2018-02-27 03:04:39", "update_id": 108046, "user_id": 91, "id": 736662, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to stable.", "timestamp": "2018-02-27 17:26:58", "update_id": 108046, "user_id": 91, "id": 737104, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}], "builds": [{"nvr": "python-crypto-2.6.1-22.fc27", "signed": true, "release_id": 17, "type": "rpm", "epoch": 0}], "bugs": [{"bug_id": 1542313, "title": "CVE-2018-6594 python-crypto: Weak ElGamal key parameters in PublicKey/ElGamal.py allow attackers to obtain sensitive information by reading ciphertext", "security": true, "parent": true, "feedback": []}, {"bug_id": 1542314, "title": "CVE-2018-6594 python-crypto: Weak ElGamal key parameters in PublicKey/ElGamal.py allow attackers to obtain sensitive information by reading ciphertext [fedora-all]", "security": true, "parent": false, "feedback": []}], "updateid": "FEDORA-2018-913c225b49", "karma": 4, "content_type": "rpm", "test_cases": []}, "can_edit": false, "ci_allowed": false}