RHBA-2011:1058 - Bug Fix Advisory
m2crypto bug fix update
Bug Fix Advisory
An updated m2crypto package that fixes various bugs is now available for Red Hat
Enterprise Linux 5.
m2crypto allows OpenSSL functions to be called from Python scripts.
This updated m2crypto package includes fixes for the following bugs:
- Prior to this update, the AES_crypt() function did not free a temporary
buffer. This caused a memory leak when the function was called repeatedly. This
problem has been fixed and the AES_crypt() function now frees memory correctly.
- Previously, calling the m.2asn1_INTEGER_get() function resulted in an
incorrect numerical value for the serial number due to a data type mismatch. As
a consequence, the subscription-manager application displayed an error message
about the serial number being less than zero. Serial numbers are now handled
correctly and no error message appears. (BZ#703648)
All users of m2crypto are advised to upgrade to this updated package, which
resolves these bugs.
Before applying this update, make sure that all previously-released errata
relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use the Red Hat
Network to apply this update are available at
- Red Hat Enterprise Linux Server 5 x86_64
- Red Hat Enterprise Linux Server 5 ia64
- Red Hat Enterprise Linux Server 5 i386
- Red Hat Enterprise Linux Workstation 5 x86_64
- Red Hat Enterprise Linux Workstation 5 i386
- Red Hat Enterprise Linux Desktop 5 x86_64
- Red Hat Enterprise Linux Desktop 5 i386
- Red Hat Enterprise Linux for IBM z Systems 5 s390x
- Red Hat Enterprise Linux for Power, big endian 5 ppc
- Red Hat Enterprise Linux Server from RHUI 5 x86_64
- Red Hat Enterprise Linux Server from RHUI 5 i386
- BZ - 659881 - Memory leak in m2crypto-0.16/SWIG/_aes.i: AES_crypt
- BZ - 703648 - x509 certs can not have serial numbers larger than python int
Red Hat Enterprise Linux for IBM z Systems 5