VDB

GCVE-110-MAGEIA-2015-460

GCVE-110-MAGEIA-2015-460
Advisory Published
Vulnetix · Advisory published November 27, 2015
The OpenSSL backend prior to 1.0.2 made extensive use of assertions to check response codes where our tests could not trigger a failure. However, when Python is run with -O these asserts are optimized away. If a user ran Python with this flag and got an invalid response code this could result in undefined behavior or worse (rhbz#1267548). The python-cryptography and python-cryptography-vectors packages have been updated to version 1.0.2 and python-pyasn1 has been updated to version 0.1.8, fixing this issue.

Affected Products

VendorProductVersionsPlatforms
Mageiapython-cryptography-vectors0 (affected), 1.0.2-1.mga5 (unaffected)
Mageiapython-cryptography0 (affected), 1.0.2-1.mga5 (unaffected)
Mageiapython-ipaddress0 (affected), 1.0.15-1.mga5 (unaffected)
Mageiapython-pyasn10 (affected), 0.1.8-1.mga5 (unaffected)
Mageiapython-cffi0 (affected), 1.1.2-1.mga5 (unaffected)
Mageiapython-idna0 (affected), 2.0-1.mga5 (unaffected)

Browse GCVE Records

73,196 records in the GCVE database · Updated July 17, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›