Описание
Security update for Botan
This update for Botan fixes the following issues:
- CVE-2021-24115 In Botan before 2.17.3, or this backport, constant-time computations are not used for certain decoding and encoding operations (boo#1182670)
Список пакетов
SUSE Package Hub 15 SP1
Botan-2.10.0-bp152.4.3.1
Botan-doc-2.10.0-bp152.4.3.1
libbotan-2-10-2.10.0-bp152.4.3.1
libbotan-2-10-32bit-2.10.0-lp152.3.3.1
libbotan-2-10-64bit-2.10.0-bp152.4.3.1
libbotan-devel-2.10.0-bp152.4.3.1
libbotan-devel-32bit-2.10.0-lp152.3.3.1
libbotan-devel-64bit-2.10.0-bp152.4.3.1
python3-botan-2.10.0-bp152.4.3.1
SUSE Package Hub 15 SP2
Botan-2.10.0-bp152.4.3.1
Botan-doc-2.10.0-bp152.4.3.1
libbotan-2-10-2.10.0-bp152.4.3.1
libbotan-2-10-32bit-2.10.0-lp152.3.3.1
libbotan-2-10-64bit-2.10.0-bp152.4.3.1
libbotan-devel-2.10.0-bp152.4.3.1
libbotan-devel-32bit-2.10.0-lp152.3.3.1
libbotan-devel-64bit-2.10.0-bp152.4.3.1
python3-botan-2.10.0-bp152.4.3.1
openSUSE Leap 15.2
Botan-2.10.0-bp152.4.3.1
Botan-doc-2.10.0-bp152.4.3.1
libbotan-2-10-2.10.0-bp152.4.3.1
libbotan-2-10-32bit-2.10.0-lp152.3.3.1
libbotan-2-10-64bit-2.10.0-bp152.4.3.1
libbotan-devel-2.10.0-bp152.4.3.1
libbotan-devel-32bit-2.10.0-lp152.3.3.1
libbotan-devel-64bit-2.10.0-bp152.4.3.1
python3-botan-2.10.0-bp152.4.3.1
Ссылки
- E-Mail link for openSUSE-SU-2021:0765-1
- SUSE Security Ratings
- SUSE Bug 1182670
- SUSE CVE CVE-2021-24115 page
Описание
In Botan before 2.17.3, constant-time computations are not used for certain decoding and encoding operations (base32, base58, base64, and hex).
Затронутые продукты
SUSE Package Hub 15 SP1:Botan-2.10.0-bp152.4.3.1
SUSE Package Hub 15 SP1:Botan-doc-2.10.0-bp152.4.3.1
SUSE Package Hub 15 SP1:libbotan-2-10-2.10.0-bp152.4.3.1
SUSE Package Hub 15 SP1:libbotan-2-10-32bit-2.10.0-lp152.3.3.1
Ссылки
- CVE-2021-24115
- SUSE Bug 1182670