[CVE] Прошу собрать версию 3.1.37

>= 3.1.41

support for cryptography 39

Уязвимость пакета cryptography интерпретатора языка программирования Python, позволяющая нарушителю выполнить произвольный код

Уязвимость пакета python-cryptography интерпретатора языка программирования Python, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации

Уязвимость функции Cipher.update_into пакета cryptography интерпретатора языка программирования Python, позволяющая нарушителю оказать воздействие на целостность и доступность выходных данных

Уязвимость пакета cryptography интерпретатора языка программирования Python, связанная с ошибками процедуры подтверждения подлинности сертификата, позволяющая нарушителю выполнить атаку типа "человек посередине"

Уязвимость функций load_pem_pkcs7_certificates() и load_der_pkcs7_certificates() пакет cryptography, позволяющая нарушителю вызвать отказ в обслуживании

HKDF in cryptography before 1.5.2 returns an empty byte-string if used with a length less than algorithm.digest_size.

python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via timed processing of valid PKCS#1 v1.5 ciphertext.

In the cryptography package before 3.3.2 for Python, certain sequences of update calls to symmetrically encrypt multi-GB values could result in an integer overflow and buffer overflow, as demonstrated by the Fernet class.

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions `Cipher.update_into` would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects (such as `bytes`) to be mutated, thus violating fundamental rules of Python and resulting in corrupted output. This now correctly raises an exception. This issue has been present since `update_into` was originally introduced in cryptography 1.8.

The cryptography package before 41.0.2 for Python mishandles SSH certificates that have critical options.

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Calling `load_pem_pkcs7_certificates` or `load_der_pkcs7_certificates` could lead to a NULL-pointer dereference and segfault. Exploitation of this vulnerability poses a serious risk of Denial of Service (DoS) for any application attempting to deserialize a PKCS7 blob/certificate. The consequences extend to potential disruptions in system availability and stability. This vulnerability has been patched in version 41.0.6.

Оставляет мусор

A vulnerability was found in FreeIPA in how the initial implementation of MS-SFU by MIT Kerberos was missing a condition for granting the "forwardable" flag on S4U2Self tickets. Fixing this mistake required adding a special case for the check_allowed_to_delegate() function: If the target service argument is NULL, then it means the KDC is probing for general constrained delegation rules and not checking a specific S4U2Proxy request. In FreeIPA 4.11.0, the behavior of ipadb_match_acl() was modified to match the changes from upstream MIT Kerberos 1.20. However, a mistake resulting in this mechanism applies in cases where the target service argument is set AND where it is unset. This results in S4U2Proxy requests being accepted regardless of whether or not there is a matching service delegation rule.

A vulnerability was found in FreeIPA in a way when a Kerberos TGS-REQ is encrypted using the client’s session key. This key is different for each new session, which protects it from brute force attacks. However, the ticket it contains is encrypted using the target principal key directly. For user principals, this key is a hash of a public per-principal randomly-generated salt and the user’s password. If a principal is compromised it means the attacker would be able to retrieve tickets encrypted to any principal, all of them being encrypted by their own key directly. By taking these tickets and salts offline, the attacker could run brute force attacks to find character strings able to decrypt tickets when combined to a principal salt (i.e. find the principal’s password).