Описание
Security update for Botan
This update for Botan fixes the following issues:
- CVE-2022-43705: Fixed validation of embedded certificates was when checking OCSP responses (boo#1205509).
Список пакетов
SUSE Package Hub 15 SP3
Botan-2.10.0-bp153.3.3.1
Botan-doc-2.10.0-bp153.3.3.1
libbotan-2-10-2.10.0-bp153.3.3.1
libbotan-2-10-32bit-2.10.0-bp153.3.3.1
libbotan-2-10-64bit-2.10.0-bp153.3.3.1
libbotan-devel-2.10.0-bp153.3.3.1
libbotan-devel-32bit-2.10.0-bp153.3.3.1
libbotan-devel-64bit-2.10.0-bp153.3.3.1
python3-botan-2.10.0-bp153.3.3.1
openSUSE Leap 15.3
Botan-2.10.0-bp153.3.3.1
Botan-doc-2.10.0-bp153.3.3.1
libbotan-2-10-2.10.0-bp153.3.3.1
libbotan-2-10-32bit-2.10.0-bp153.3.3.1
libbotan-2-10-64bit-2.10.0-bp153.3.3.1
libbotan-devel-2.10.0-bp153.3.3.1
libbotan-devel-32bit-2.10.0-bp153.3.3.1
libbotan-devel-64bit-2.10.0-bp153.3.3.1
python3-botan-2.10.0-bp153.3.3.1
Ссылки
- E-Mail link for openSUSE-SU-2022:10210-1
- SUSE Security Ratings
- SUSE Bug 1205509
- SUSE CVE CVE-2022-43705 page
Описание
In Botan before 2.19.3, it is possible to forge OCSP responses due to a certificate verification error. This issue was introduced in Botan 1.11.34 (November 2016).
Затронутые продукты
SUSE Package Hub 15 SP3:Botan-2.10.0-bp153.3.3.1
SUSE Package Hub 15 SP3:Botan-doc-2.10.0-bp153.3.3.1
SUSE Package Hub 15 SP3:libbotan-2-10-2.10.0-bp153.3.3.1
SUSE Package Hub 15 SP3:libbotan-2-10-32bit-2.10.0-bp153.3.3.1
Ссылки
- CVE-2022-43705
- SUSE Bug 1205509