OPENSUSE-SU-2024:12522-1 Botan-2.19.3-1.1 on GA media
These are all security issues fixed in the Botan-2.19.3-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2024:10594-1 Botan-2.18.1-1.3 on GA media
These are all security issues fixed in the Botan-2.18.1-1.3 package on the GA media of openSUSE Tumbleweed...
The vulnerability of the C++ Botan cryptographic library, related to incorrect certificate verification, allows attackers to forge OCSP responses.
The vulnerability of the C++ Botan cryptographic library is related to incorrect certificate verification. Exploiting this vulnerability could allow a remote attacker to forge OCSP responses...
ROS-20240527-01
A vulnerability in the Botan C++ cryptographic library is related to improper certificate validation. Exploitation of the vulnerability could allow an attacker acting remotely to spoof OCSP responses...
PT-2024-6609
Name of the Vulnerable Software and Affected Versions: Botan versions prior to 3.5.0; Botan versions prior to 2.19.5. Description: The issue is related to the processing of X.509 certificates in the Botan C++ cryptography library. Checking name constraints in these certificates is quadratic in the...
PT-2024-6085
Name of the Vulnerable Software and Affected Versions: Botan versions prior to 2.19.4 and 3.3.0. Description: The issue is related to the parsing of X.509 certificates with explicit encoding of elliptic curve parameters. An attacker can present a certificate with very large parameters, causing...
CVE-2017-7252
bcrypt password hashing in Botan before 2.1.0 does not correctly handle passwords with a length between 57 and 72 characters, which makes it easier for attackers to determine the cleartext password...
Default credentials
bcrypt password hashing in Botan before 2.1.0 does not correctly handle passwords with a length between 57 and 72 characters, which makes it easier for attackers to determine the cleartext password...
CVE-2017-7252
CVE-2017-7252 affects Botan's bcrypt implementation prior to 2.1.0, where passwords with lengths 57–72 are not handled correctly, making it easier to determine the cleartext password. The connected documents corroborate the issue but do not provide an explicit remediation version; no exploit deta...
SUSE CVE-2014-9742
The Miller-Rabin primality check in Botan before 1.10.8 and 1.11.x before 1.11.9 improperly uses a single random base, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a DH group...
SUSE CVE-2015-5726
The BER decoder in Botan 0.10.x before 1.10.10 and 1.11.x before 1.11.19 allows remote attackers to cause a denial of service (application crash) via an empty BIT STRING in ASN.1 data...
SUSE CVE-2015-5727
The BER decoder in Botan 1.10.x before 1.10.10 and 1.11.x before 1.11.19 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors, related to a length field...
SUSE CVE-2015-7824
Botan 1.11.x before 1.11.22 makes it easier for remote attackers to decrypt TLS ciphertext data via a padding-oracle attack against TLS CBC ciphersuites...
SUSE CVE-2015-7825
Botan before 1.11.22 improperly validates certificate paths, which allows remote attackers to cause a denial of service (infinite loop and memory consumption) via a certificate with a loop in the certificate chain...
SUSE CVE-2015-7826
Botan 1.11.x before 1.11.22 improperly handles wildcard matching against hostnames, which might allow remote attackers to have unspecified impact via a valid X.509 certificate, as demonstrated by accepting *.example.com as a match for bar.foo.example.com...
SUSE CVE-2015-7827
Botan before 1.10.13 and 1.11.x before 1.11.22 make it easier for remote attackers to conduct million-message attacks by measuring time differences, related to decoding of PKCS#1 padding...
SUSE CVE-2016-2194
The ressol function in Botan before 1.10.11 and 1.11.x before 1.11.27 allows remote attackers to cause a denial of service (infinite loop) via unspecified input to the OS2ECP function, related to a composite modulus...