Lucene search
+L

40 matches found

osv
osv
added 2020/07/31 11:25 p.m.4 views

MGASA-2020-0308 Updated botan2 packages fix security vulnerability

The CBC padding operations were not constant time and as a result would leak the length of the plaintext values which were being padded to an attacker running a side channel attack via shared resources such as cache or branch predictor. No information about the contents was leaked, but the length...

6.8AI score
Exploits0References4
mageia
mageia
added 2020/07/31 11:25 p.m.19 views

Updated botan2 packages fix security vulnerability

The CBC padding operations were not constant time and as a result would leak the length of the plaintext values which were being padded to an attacker running a side channel attack via shared resources such as cache or branch predictor. No information about the contents was leaked, but the length...

1.1AI score
Exploits0References3
openvas
openvas
added 2020/07/15 12:0 a.m.7 views

Fedora: Security Advisory for botan2 (FEDORA-2020-539fd85292)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
openvas
openvas
added 2020/07/15 12:0 a.m.8 views

Fedora: Security Advisory for botan2 (FEDORA-2020-f9a8f05df5)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
nessus
nessus
added 2020/07/14 12:0 a.m.13 views

Fedora 31 : botan2 (2020-f9a8f05df5)

Backport patch for 1849743 CBC padding side channel from 2.14.0. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...

5.5AI score
Exploits0References1
nessus
nessus
added 2020/07/14 12:0 a.m.16 views

Fedora 32 : botan2 (2020-539fd85292)

Update to 2.14.0 including security fix Side channel during CBC padding. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...

5.4AI score
Exploits0References1
fedora
fedora
added 2020/07/13 1:39 a.m.17 views

[SECURITY] Fedora 31 Update: botan2-2.11.0-3.fc31

Botan is a BSD-licensed crypto library written in C++. It provides a wide variety of basic cryptographic algorithms, X.509 certificates and CRLs, PKCS \10 certificate requests, a filter/pipe message processing system, and a wide variety of other features, all written in portable C++. The API...

1.5AI score
Exploits0
fedora
fedora
added 2020/07/13 1:16 a.m.18 views

[SECURITY] Fedora 32 Update: botan2-2.14.0-1.fc32

Botan is a BSD-licensed crypto library written in C++. It provides a wide variety of basic cryptographic algorithms, X.509 certificates and CRLs, PKCS \10 certificate requests, a filter/pipe message processing system, and a wide variety of other features, all written in portable C++. The API...

1.5AI score
Exploits0
openvas
openvas
added 2019/05/07 12:0 a.m.67 views

Fedora Update for botan2 FEDORA-2019-e0f5a82082

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

5.9CVSS5.8AI score0.01525EPSS
Exploits0References2
fedora
fedora
added 2019/02/20 3:6 a.m.30 views

[SECURITY] Fedora 29 Update: botan2-2.9.0-1.fc29

Botan is a BSD-licensed crypto library written in C++. It provides a wide variety of basic cryptographic algorithms, X.509 certificates and CRLs, PKCS \10 certificate requests, a filter/pipe message processing system, and a wide variety of other features, all written in portable C++. The API...

5.9CVSS1.5AI score0.01525EPSS
Exploits0
nessus
nessus
added 2019/02/20 12:0 a.m.79 views

Fedora 29 : botan2 (2019-e0f5a82082)

Update to 2.9.0 including security fix for CVE-2018-20187 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

5.9CVSS6.1AI score0.01525EPSS
Exploits0References2
nessus
nessus
added 2019/01/28 12:0 a.m.50 views

FreeBSD : botan2 -- Side channel during ECC key generation (d8e7e854-17fa-11e9-bef6-6805ca2fa271)

botan2 developers reports : A timing side channel during ECC key generation could leak information about the high bits of the secret scalar. Such information allows an attacker to perform a brute-force attack on the key somewhat more efficiently than they would otherwise. Found by Jan Jancar usin...

5.9CVSS5.9AI score0.01525EPSS
Exploits0References3
nessus
nessus
added 2019/01/03 12:0 a.m.36 views

Fedora 28 : botan2 (2018-eaa7de17ae)

Update Botan2 to 2.7.0. Focus of this release is on performance and side channel hardening. - Address side channels in RSA key generation and ECDSA signing - Side channel hardening in many core algorithms modular exponentiation, ECC scalar multiply, Karatsuba multiplication, Barrett reduction, et...

5.9CVSS6AI score0.00887EPSS
Exploits2References4
freebsd
freebsd
added 2018/12/17 12:0 a.m.24 views

botan2 -- Side channel during ECC key generation

botan2 developers reports: A timing side channel during ECC key generation could leak information about the high bits of the secret scalar. Such information allows an attacker to perform a brute force attack on the key somewhat more efficiently than they would otherwise. Found by Ján Jančár using...

5.9CVSS2AI score0.01525EPSS
Exploits0References1
nessus
nessus
added 2018/08/20 12:0 a.m.30 views

FreeBSD : botan2 -- ECDSA side channel (7762d7ad-2e38-41d2-9785-c51f653ba8bd)

botan2 developers report : A side channel in the ECDSA signature operation could allow a local attacker to recover the secret key. Found by Keegan Ryan of NCC Group. Bug introduced in 2.5.0, fixed in 2.7.0. The 1.10 branch is not affected. C Tenable Network Security, Inc. The descriptive text and...

5.9CVSS6.4AI score0.00499EPSS
Exploits1References4
openvas
openvas
added 2018/07/12 12:0 a.m.29 views

Fedora Update for botan2 FEDORA-2018-98ab6b4e56

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS6.3AI score0.00887EPSS
Exploits2References2
openvas
openvas
added 2018/07/12 12:0 a.m.22 views

Fedora Update for botan2 FEDORA-2018-eaa7de17ae

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS6.3AI score0.00887EPSS
Exploits2References2
nessus
nessus
added 2018/07/12 12:0 a.m.35 views

Fedora 27 : botan2 (2018-98ab6b4e56)

Update Botan2 to 2.7.0. Focus of this release is on performance and side channel hardening. - Address side channels in RSA key generation and ECDSA signing - Side channel hardening in many core algorithms modular exponentiation, ECC scalar multiply, Karatsuba multiplication, Barrett reduction, et...

5.9CVSS6AI score0.00887EPSS
Exploits2References4
fedora
fedora
added 2018/07/11 7:32 p.m.60 views

[SECURITY] Fedora 27 Update: botan2-2.7.0-1.fc27

Botan is a BSD-licensed crypto library written in C++. It provides a wide variety of basic cryptographic algorithms, X.509 certificates and CRLs, PKCS \10 certificate requests, a filter/pipe message processing system, and a wide variety of other features, all written in portable C++. The API...

5.9CVSS1.5AI score0.00887EPSS
Exploits2
freebsd
freebsd
added 2018/06/13 12:0 a.m.42 views

botan2 -- ECDSA side channel

botan2 developers report: A side channel in the ECDSA signature operation could allow a local attacker to recover the secret key. Found by Keegan Ryan of NCC Group. Bug introduced in 2.5.0, fixed in 2.7.0. The 1.10 branch is not affected...

5.9CVSS4.1AI score0.00499EPSS
Exploits1References2
Rows per page
Query Builder