Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 925120 (CVE-2024-26130)

Summary: <dev-python/cryptography-42.0.4: null-pointer-dereference and segfault that could occur when creating a PKCS#12 bundle
Product: Gentoo Security Reporter: Michał Górny <mgorny>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: minor CC: ajak, python
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
See Also: https://github.com/pyca/cryptography/issues/10422
Whiteboard: B3 [glsa+]
Package list:
Runtime testing required: ---
Bug Depends on: 925119, 925173, 932697    
Bug Blocks:    

Description Michał Górny archtester Gentoo Infrastructure gentoo-dev Security 2024-02-21 04:26:10 UTC
+* Fixed a null-pointer-dereference and segfault that could occur when creating
+  a PKCS#12 bundle. Credit to **Alexander-Programming** for reporting the
+  issue. **CVE-2024-26130**
Comment 1 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2024-02-21 04:31:26 UTC
Thanks!
Comment 2 Michał Górny archtester Gentoo Infrastructure gentoo-dev Security 2024-05-25 19:58:46 UTC
cleanup done.
Comment 3 Larry the Git Cow gentoo-dev 2024-07-01 06:10:20 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=c64e048a91b0aa0d481f453db2b0de77a5123fc4

commit c64e048a91b0aa0d481f453db2b0de77a5123fc4
Author:     GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2024-07-01 05:59:02 +0000
Commit:     John Helmert III <ajak@gentoo.org>
CommitDate: 2024-07-01 06:09:25 +0000

    [ GLSA 202407-06 ] cryptography: Multiple Vulnerabilities
    
    Bug: https://bugs.gentoo.org/769419
    Bug: https://bugs.gentoo.org/864049
    Bug: https://bugs.gentoo.org/893576
    Bug: https://bugs.gentoo.org/918685
    Bug: https://bugs.gentoo.org/925120
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: John Helmert III <ajak@gentoo.org>

 glsa-202407-06.xml | 49 +++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 49 insertions(+)