This bug was fixed in the package python-scrypt - 0.8.0-0.3ubuntu2
---
python-scrypt (0.8.0-0.3ubuntu2) groovy; urgency=medium
[ Corey Bryant ]
* d/gbp.conf: Update gbp configuration file.
* d/control: Update Vcs-* links and maintainers.
[ Chris MacNaughton ]
* d/p/add-miss
** Changed in: python-scrypt (Ubuntu)
Assignee: James Page (james-page) => Chris MacNaughton (chris.macnaughton)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1695899
Title:
[MIR] python-scrypt
** Merge proposal linked:
https://code.launchpad.net/~chris.macnaughton/ubuntu/+source/python-scrypt/+git/python-scrypt/+merge/390400
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1695899
Title:
James,
This hasn't been addressed yet (fixing BINDNOW and tests as per Tyler's
comment in comment #4). Please fix ASAP.
** Changed in: python-scrypt (Ubuntu)
Importance: High => Critical
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubu
leaving scrypt task open and assigning to James based on Tyler's
feedback
** Changed in: python-scrypt (Ubuntu)
Status: New => Triaged
** Changed in: python-scrypt (Ubuntu)
Assignee: (unassigned) => James Page (james-page)
--
You received this bug notification because you are a memb
Override component to main
python-bcrypt 3.1.3-0ubuntu1 in artful amd64: universe/python/extra/100% -> main
python-bcrypt 3.1.3-0ubuntu1 in artful arm64: universe/python/extra/100% -> main
python-bcrypt 3.1.3-0ubuntu1 in artful armhf: universe/python/extra/100% -> main
python-bcrypt 3.1.3-0ubuntu1
Hello! This is a very accelerated security review of python-bcrypt. I
didn't look at the bcrypt implementation itself but did verify that the
test vectors used have overlap with Openwall's crypt_blowfish test
vectors:
http://cvsweb.openwall.com/cgi/cvsweb.cgi/Owl/packages/glibc/crypt_blowfish/wrap
Hello! This is a very accelerated security review of python-scrypt. I
didn't look at the scrypt implementation itself but did have a quick
look at a few important areas of the project.
1) crypto_entropy_read() eventually calls entropy_read() which directly
reads from /dev/urandom. New code that
Since Tyler mentioned it requires a review anyway, assigning to the
Security Team.
python-bcrypt has lintian warnings on the binary package:
W: python3-bcrypt: python-module-in-wrong-location
usr/lib/python3.6/dist-packages/bcrypt/ usr/lib/python3/dist-packages/bcrypt/
W: python3-bcrypt: python-m
I was hoping that I could quickly ack, from a security review
standpoint, python-bcrypt since I already acked it in bug 1427861.
However, the project has significantly changed since that review. The
bcrypt backend has changed from Openwall's implementation to OpenBSD's
implementation. Test vectors
python-bcrypt has main history under MIR bug 1427861
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1695899
Title:
[MIR] python-scrypt, python-bcrypt
To manage notifications about this bug go to:
ht
** Tags added: openstack-mir
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1695899
Title:
[MIR] python-scrypt, python-bcrypt
To manage notifications about this bug go to:
https://bugs.launchpad.net
** Summary changed:
- [MIR] scrypt, bcrypt
+ [MIR] python-scrypt, python-bcrypt
** Package changed: bcrypt (Ubuntu) => python-bcrypt (Ubuntu)
** Package changed: scrypt (Ubuntu) => python-scrypt (Ubuntu)
** Description changed:
- >scrypt<
+ >python-scrypt<
[Availability]
In universe
[
13 matches
Mail list logo