Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
FS#47786 - [crypto++] CVE-2015-2141: remote stealing of private keys
Attached to Project:
Arch Linux
Opened by Remi Gacogne (rgacogne) - Saturday, 16 January 2016, 14:44 GMT
Last edited by Doug Newgard (Scimmia) - Saturday, 16 January 2016, 15:19 GMT
Opened by Remi Gacogne (rgacogne) - Saturday, 16 January 2016, 14:44 GMT
Last edited by Doug Newgard (Scimmia) - Saturday, 16 January 2016, 15:19 GMT
|
DetailsHello,
crypto++ 5.6.3 has been released [1], fixing a security issue, CVE-2015-2141 [2], which allows remote attacker to retrieve private keys via a timing attack. [1]: https://www.cryptopp.com/release563.html [2]: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2015-2141 |
This task depends upon
Closed by Doug Newgard (Scimmia)
Saturday, 16 January 2016, 15:19 GMT
Reason for closing: Duplicate
Additional comments about closing: FS#45498
Saturday, 16 January 2016, 15:19 GMT
Reason for closing: Duplicate
Additional comments about closing: