Title
MGASA-2015-0460 -- обновление безопасности для python-cryptography, python-cryptography-vectors, python-pyasn1, python-idna, python-ipaddress, python-cffi
Description
The OpenSSL backend prior to 1.0.2 made extensive use of assertions to
check response codes where our tests could not trigger a failure. However,
when Python is run with -O these asserts are optimized away. If a user ran
Python with this flag and got an invalid response code this could result
in undefined behavior or worse (rhbz#1267548).
The python-cryptography and python-cryptography-vectors packages have been
updated to version 1.0.2 and python-pyasn1 has been updated to version
0.1.8, fixing this issue.