FS#47786 : [crypto++] CVE-2015-2141: remote stealing of private keys

FS#47786 - [crypto++] CVE-2015-2141: remote stealing of private keys

Attached to Project: Arch Linux
Opened by Remi Gacogne (rgacogne) - Saturday, 16 January 2016, 14:44 GMT
Last edited by Doug Newgard (Scimmia) - Saturday, 16 January 2016, 15:19 GMT

Task Type	Bug Report
Category	Security
Status	Closed
Assigned To	No-one
Architecture	All
Severity	Critical
Priority	Normal
Reported Version
Due in Version	Undecided
Due Date	Undecided
Percent Complete
Votes	0
Private	No

Details

Hello,

crypto++ 5.6.3 has been released [1], fixing a security issue, CVE-2015-2141 [2], which allows remote attacker to retrieve private keys via a timing attack.

[1]: https://www.cryptopp.com/release563.html
[2]: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2015-2141

This task depends upon

Closed by Doug Newgard (Scimmia)
Saturday, 16 January 2016, 15:19 GMT
Reason for closing: Duplicate
Additional comments about closing: ~~FS#45498~~

Comments (0)
Related Tasks (0/0)

	Tasks related to this task (0)

Duplicate tasks of this task (0)

Arch Linux

FS#47786 - [crypto++] CVE-2015-2141: remote stealing of private keys

Details

Loading...