Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
FS#58198 - [botan] CVE-2018-9860: Memory overread in TLS CBC decryption
Attached to Project:
Community Packages
Opened by Karol Babioch (kbabioch) - Wednesday, 11 April 2018, 12:40 GMT
Last edited by Alexander F. Rødseth (xyproto) - Sunday, 15 April 2018, 14:57 GMT
Opened by Karol Babioch (kbabioch) - Wednesday, 11 April 2018, 12:40 GMT
Last edited by Alexander F. Rødseth (xyproto) - Sunday, 15 April 2018, 14:57 GMT
|
DetailsAn off by one error in TLS CBC decryption meant that for a particular malformed ciphertext, the receiver would miscompute a length field and HMAC exactly 64K bytes of data following the record buffer as if it was part of the message. This cannot be used to leak information since the MAC comparison will subsequently fail and the connection will be closed. However it might be used for denial of service. Found by OSS-Fuzz.
Bug introduced in 1.11.32, fixed in 2.6.0 References: https://github.com/randombit/botan/blob/master/doc/security.rst |
This task depends upon
Comment by Alexander F. Rødseth (xyproto) -
Thursday, 12 April 2018, 21:12 GMT
Thanks for reporting, botan 2.6.0 is now in [community-staging].