Описание
Security update for libcryptopp
This update for libcryptopp fixes the following issues:
- CVE-2023-50980: Fixed DoS via malformed DER public key file (bsc#1218219).
Список пакетов
openSUSE Leap 15.4
libcryptopp5_6_5-5.6.5-150000.1.9.1
libcryptopp5_6_5-32bit-5.6.5-150000.1.9.1
Ссылки
- Link for SUSE-SU-2023:4957-1
- E-Mail link for SUSE-SU-2023:4957-1
- SUSE Security Ratings
- SUSE Bug 1218219
- SUSE CVE CVE-2023-50980 page
Описание
gf2n.cpp in Crypto++ (aka cryptopp) through 8.9.0 allows attackers to cause a denial of service (application crash) via DER public-key data for an F(2^m) curve, if the degree of each term in the polynomial is not strictly decreasing.
Затронутые продукты
openSUSE Leap 15.4:libcryptopp5_6_5-32bit-5.6.5-150000.1.9.1
openSUSE Leap 15.4:libcryptopp5_6_5-5.6.5-150000.1.9.1
Ссылки
- CVE-2023-50980
- SUSE Bug 1218219