Updated python-cryptography packages fix security vulnerabilityPublication date: 27 Nov 2015
Affected Mageia releases : 5
The OpenSSL backend prior to 1.0.2 made extensive use of assertions to check response codes where our tests could not trigger a failure. However, when Python is run with -O these asserts are optimized away. If a user ran Python with this flag and got an invalid response code this could result in undefined behavior or worse (rhbz#1267548). The python-cryptography and python-cryptography-vectors packages have been updated to version 1.0.2 and python-pyasn1 has been updated to version 0.1.8, fixing this issue.