USN-4478-2: Python-RSA vulnerability
21 February 2022
Python-RSA could be made to expose sensitive information over the network.
- python-rsa - Pure-Python RSA implementation (Python 2)
USN-4478-1 fixed a vulnerability in Python-RSA.
This update provides the corresponding update for Ubuntu 16.04 ESM,
Ubuntu 18.04 ESM and Ubuntu 20.04 ESM.
Original advisory details:
It was discovered that Python-RSA incorrectly handled certain ciphertexts.
An attacker could possibly use this issue to obtain sensitive information.
The problem can be corrected by updating your system to the following package versions:
- python3-rsa - 4.0-3ubuntu0.1~esm1
In general, a standard system update will make all the necessary changes.
- USN-4478-1: python3-rsa, python-rsa