[Bug 1748572] Re: [MIR] pysmi, pycryptodome
Mathieu Trudel-Lapierre
mathieu.tl at gmail.com
Tue Feb 20 15:47:56 UTC 2018
Seems to me like pysmi would potentially go parse and generate code from
MIBs retrieved from the web (those are not necessarily known to be
safe). I think this warrants some further code review.
** Changed in: pysmi (Ubuntu)
Assignee: Ubuntu OpenStack (ubuntu-openstack) => Ubuntu Security Team (ubuntu-security)
--
You received this bug notification because you are a member of Ubuntu
OpenStack, which is a bug assignee.
https://bugs.launchpad.net/bugs/1748572
Title:
[MIR] pysmi, pycryptodome
Status in pycryptodome package in Ubuntu:
New
Status in pysmi package in Ubuntu:
New
Bug description:
[Rationale]
The new version of python-pysnmp4 adds dependencies on python-
pycryptodome and python-pysmi, so these need to be MIRed.
>> pysmi <<
[Availability]
In universe
[Security]
No history: http://www.cve.mitre.org/cgi-bin/cvekey.cgi?keyword=pysmi
[Quality assurance]
Package executes unit tests during package build.
[Dependencies]
All in main.
[Standards compliance]
OK
[Maintenance]
ubuntu-openstack
>> pycryptodome <<
[Availability]
In universe
[Security]
No history: http://www.cve.mitre.org/cgi-bin/cvekey.cgi?keyword=pycryptodome
[Quality assurance]
Package executes unit tests during package build.
[Dependencies]
All in main.
[Standards compliance]
OK
[Maintenance]
ubuntu-openstack
[Background]
PyCryptodome is a fork of PyCrypto
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pycryptodome/+bug/1748572/+subscriptions
More information about the Ubuntu-openstack-bugs
mailing list