On Thu, Jan 05, 2017 at 11:39:58AM +0100, Ludovic Courtès wrote:
> Leo Famulari skribis:
>
> > On Mon, Jan 02, 2017 at 09:41:26PM +0100, Ludovic Courtès wrote:
> >> Leo Famulari skribis:
> >> > Based on my discussion with the Stem maintainer, I removed pycrypto from
> >> > the dependency graph o
Leo Famulari skribis:
> On Mon, Jan 02, 2017 at 09:41:26PM +0100, Ludovic Courtès wrote:
>> Leo Famulari skribis:
>> > Based on my discussion with the Stem maintainer, I removed pycrypto from
>> > the dependency graph of OnionShare and added a comment about removing
>> > the pycrypto package in
On Mon, Jan 02, 2017 at 09:41:26PM +0100, Ludovic Courtès wrote:
> Leo Famulari skribis:
> > Based on my discussion with the Stem maintainer, I removed pycrypto from
> > the dependency graph of OnionShare and added a comment about removing
> > the pycrypto package in 4de2a710a6a309a1601f1cf6fc15b9
Leo Famulari skribis:
> On Mon, Dec 26, 2016 at 01:08:44PM -0500, Leo Famulari wrote:
>> On Mon, Dec 26, 2016 at 12:43:44PM -0500, Leo Famulari wrote:
>> > The list of our packages that use pycrypto:
>>
>> [...]
>>
>> > onionshare-0.9.2
>>
>> This comes through python-stem. I've contacted the
On Mon, Dec 26, 2016 at 01:08:44PM -0500, Leo Famulari wrote:
> On Mon, Dec 26, 2016 at 12:43:44PM -0500, Leo Famulari wrote:
> > The list of our packages that use pycrypto:
>
> [...]
>
> > onionshare-0.9.2
>
> This comes through python-stem. I've contacted the stem maintainer about
> this issue
On Mon, Dec 26, 2016 at 12:43:44PM -0500, Leo Famulari wrote:
> The list of our packages that use pycrypto:
[...]
> onionshare-0.9.2
This comes through python-stem. I've contacted the stem maintainer about
this issue.
signature.asc
Description: PGP signature
The pycrypto library contains at least one dangerous buffer overflow:
https://github.com/dlitz/pycrypto/issues/176
And the pycrypto project is inactive:
https://github.com/dlitz/pycrypto/issues/173
The list of our packages that use pycrypto:
python-axolotl-0.1.35
onionshare-0.9.2
python-flask-