FIPS OpenSSL crashes Python2.7 hashlib when using MD5
Bug #1898078 reported by
Joy Latten
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| python2.7 (Ubuntu) |
New
|
Undecided
|
Unassigned | ||
| Xenial |
New
|
Undecided
|
Unassigned | ||
| Bionic |
Fix Released
|
Undecided
|
Unassigned | ||
| Focal |
New
|
Undecided
|
Unassigned | ||
| Groovy |
Won't Fix
|
Undecided
|
Unassigned | ||
Bug Description
LP #1835135 was fixed in python2.7. However, when python2.7 was updated to current verion, the fix was not included. It needs to be included again into current version of python2.7 to prevent FIPS issues when using fips openssl with python's hashlib. This is only a problem in latest python2.7 versions in xenial, bionic, focal, and groovy. python3 versions do not have this problem in these releases.
The fix was a backport of https:/
CVE References
| description: | updated |
| description: | updated |
Revision history for this message
| Joy Latten (j-latten) wrote | #1 |
Revision history for this message
| Launchpad Janitor (janitor) wrote | #2 |
| Changed in python2.7 (Ubuntu Bionic): | |
| status: | New → Fix Released |
Revision history for this message
| Brian Murray (brian-murray) wrote | #3 |
| Changed in python2.7 (Ubuntu Groovy): | |
| status: | New → Won't Fix |
To post a comment you must log in.
This has been fixed in bionic. Already fixed in xenial.