openSUSE-SU-2024:0112-1

Опубликовано: 20 апр. 2024

Источник: suse-cvrf

Описание

Security update for perl-CryptX

This update for perl-CryptX fixes the following issues:

Updated to version 0.080:

0.080 2023-10-04 - fix #95 AES-NI troubles on MS Windows (gcc compiler) - fix #96 Tests failure with Math::BigInt >= 1.999840 - Enabled AES-NI for platforms with gcc/clang/llvm 0.079 2023-10-01 - fix #92 update libtomcrypt - bundled libtomcrypt update branch:develop (commit:1e629e6f 2023-06-22) 0.078 2023-04-28 - fix #89 Crypt::Mac::HMAC b64mac and b64umac object methods do not work

Список пакетов

SUSE Package Hub 15 SP5

perl-CryptX-0.80.0-bp155.2.3.1

openSUSE Leap 15.5

perl-CryptX-0.80.0-bp155.2.3.1

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/UPEJCYLFV3FPQUS5GF63SP3V7CRAO2RX/
E-Mail link for openSUSE-SU-2024:0112-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1221528
SUSE Bug 1221528
https://www.suse.com/security/cve/CVE-2018-25099/
SUSE CVE CVE-2018-25099 page

Описание

In the CryptX module before 0.062 for Perl, gcm_decrypt_verify() and chacha20poly1305_decrypt_verify() do not verify the tag.

Затронутые продукты

SUSE Package Hub 15 SP5:perl-CryptX-0.80.0-bp155.2.3.1

openSUSE Leap 15.5:perl-CryptX-0.80.0-bp155.2.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2018-25099.html
CVE-2018-25099
https://bugzilla.suse.com/1221528
SUSE Bug 1221528

openSUSE-SU-2024:0112-1

Описание

Список пакетов

SUSE Package Hub 15 SP5

openSUSE Leap 15.5

Ссылки

Уязвимость: CVE-2018-25099

Описание

Затронутые продукты

Ссылки