[ubuntu/questing-security] python-cryptography 43.0.0-1ubuntu1.1 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Thu Mar 12 14:06:20 UTC 2026
python-cryptography (43.0.0-1ubuntu1.1) questing-security; urgency=medium
* SECURITY UPDATE: Subgroup Attack Due to Missing Subgroup Validation for
SECT Curves
- debian/patches/CVE-2026-26007.patch: EC check key on cofactor > 1 in
src/cryptography/hazmat/primitives/asymmetric/ec.py,
src/cryptography/utils.py, src/rust/src/backend/ec.rs,
tests/hazmat/primitives/test_ec.py.
- CVE-2026-26007
Date: 2026-02-20 15:03:44.596913+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/python-cryptography/43.0.0-1ubuntu1.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Questing-changes
mailing list