
16 matches found

OSV
added 2026/05/06 5:57 p.m., 1 view

GHSA-2528-JW5Q-WW88 phpseclib: guardrails needed on isPrime and randomPrime

Impact: Anyone trying to generate a prime and testing the primality of a number. Patches: https://github.com/phpseclib/phpseclib/commit/ad5dbdf2129f5e0fb644637770b7f33de8ca8575 Workarounds: Using the GMP extension would probably help, assuming that one has its own guardrails. Resources...

CVSS 8.7, AI score 5.8, EPSS 0.00204
Exploits 0, References 11
SUSE CVE
added 2023/02/15 5:24 a.m., 2 views

SUSE CVE-2014-9742

The Miller-Rabin primality check in Botan before 1.10.8 and 1.11.x before 1.11.9 improperly uses a single random base, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a DH group...

CVSS 7.5, AI score 6.9, EPSS 0.00281
Exploits 0, References 4
Filippo.io
added 2020/05/26 10:00 p.m., 15 views

Is X25519 Associative? Sometimes!

X25519 is a simple Elliptic Curve Diffie-Hellman (ECDH) function: it takes a scalar (a fancy name for an integer)[1] and an elliptic curve point, and it multiplies the elliptic curve point by the scalar. Point additions and multiplications work modulo the order of the point, just like hours on a watch...

Exploits 0
RedHat Linux
added 2019/04/24 6:46 p.m., 0 views

bouncycastle: flaw in the low-level interface to RSA key pair generator

A vulnerability was found in BouncyCastle. The number of iterations of the Miller-Rabin primality test was incorrectly calculated according to FIPS 186-4 C.3. Under some circumstances, this could lead to the generation of weak RSA key pairs...

CVSS 7.5, AI score 7.3, EPSS 0.0031
Exploits 0, References 4
RedHat Linux
added 2018/09/11 7:53 a.m., 0 views

bouncycastle: flaw in the low-level interface to RSA key pair generator

A vulnerability was found in BouncyCastle. The number of iterations of the Miller-Rabin primality test was incorrectly calculated according to FIPS 186-4 C.3. Under some circumstances, this could lead to the generation of weak RSA key pairs...

CVSS 7.5, AI score 7.3, EPSS 0.0031
Exploits 0, References 4
Tenable Nessus
added 2018/07/16 12:00 a.m., 41 views

FreeBSD : Several Security Defects in the Bouncy Castle Crypto APIs (fe93803c-883f-11e8-9f0c-001b216d295b)

The Legion of the Bouncy Castle reports: Release 1.60 is now available for download. CVE-2018-1000180: issue around primality tests for RSA key pair generation if done using only the low-level API. CVE-2018-1000613: lack of class checking in deserialization of XMSS/XMSS^MT private keys with BDS...

CVSS 9.8, AI score 6.5, EPSS 0.05036
Exploits 0, References 4
FreeBSD
added 2018/06/30 12:00 a.m., 50 views

Several Security Defects in the Bouncy Castle Crypto APIs

The Legion of the Bouncy Castle reports: Release 1.60 is now available for download. CVE-2018-1000180: issue around primality tests for RSA key pair generation if done using only the low-level API. CVE-2018-1000613: lack of class checking in deserialization of XMSS/XMSS^MT private keys with BDS...

CVSS 9.8, AI score 4.1, EPSS 0.05036
Exploits 0, References 1
Tenable Nessus
added 2018/06/25 12:00 a.m., 40 views

Debian DSA-4233-1 : bouncycastle - security update

It was discovered that the low-level interface to the RSA key pair generator of Bouncy Castle (a Java implementation of cryptographic algorithms) could perform less Miller-Rabin primality tests than expected. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin we...

CVSS 7.5, AI score 7.4, EPSS 0.0031
Exploits 0, References 4
OpenVAS
added 2018/06/21 12:00 a.m., 48 views

Debian: Security Advisory (DSA-4233-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5, AI score 8.3, EPSS 0.0031
Exploits 0, References 4
UbuntuCve
added 2016/05/13 2:59 p.m., 24 views

CVE-2014-9742

The Miller-Rabin primality check in Botan before 1.10.8 and 1.11.x before 1.11.9 improperly uses a single random base, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a DH group...

CVSS 7.5, AI score 7.1, EPSS 0.00281
Exploits 0, References 2
Prion
added 2016/05/13 2:59 p.m., 19 views

Information disclosure

The Miller-Rabin primality check in Botan before 1.10.8 and 1.11.x before 1.11.9 improperly uses a single random base, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a DH group...

CVSS 5, AI score 6.9, EPSS 0.00281
Exploits 0, References 2, Affected Software 1
CVE
added 2016/05/13 2:00 p.m., 48 views

CVE-2014-9742

CVE-2014-9742: The Miller–Rabin primality test in Botan before 1.10.8 and in 1.11.x before 1.11.9 improperly uses a single random base, weakening cryptographic protection for Diffie–Hellman groups. Connected advisories confirm this vulnerability in Botan’s pre-1.10.8 and specific 1.11.x releases...

CVSS 7.5, AI score 7.3, EPSS 0.00281
Exploits 0, References 2, Affected Software 1
Cvelist
added 2016/05/13 2:00 p.m., 18 views

CVE-2014-9742

The Miller-Rabin primality check in Botan before 1.10.8 and 1.11.x before 1.11.9 improperly uses a single random base, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a DH group...

AI score 7.8, EPSS 0.00281
Exploits 0, References 2
Debian
added 2016/04/30 11:48 a.m., 26 views

[SECURITY] [DLA 449-1] botan1.10 security update

Package: botan1.10. Version: 1.10.5-1+deb7u1. CVE ID: CVE-2014-9742 CVE-2015-5726 CVE-2015-5727 CVE-2015-7827 CVE-2016-2194 CVE-2016-2195 CVE-2016-2849. Several security vulnerabilities were found in botan1.10, a C++ library which provides support for many common cryptographic operations, includi...

CVSS 10, AI score 8.8, EPSS 0.10565
Exploits 0
Tenable Nessus
added 2014/05/21 12:00 a.m., 24 views

Fedora 19 : botan-1.8.14-3.fc19 (2014-6237)

Add a patch to fix a bug in primality testing. See also http://botan.randombit.net/relnotes/1108.html. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...

AI score 5.4
Exploits 0, References 2
FreeBSD
added 2014/04/11 12:00 a.m., 25 views

botan -- cryptographic vulnerability

MITRE reports: The Miller-Rabin primality check in Botan before 1.10.8 and 1.11.x before 1.11.9 improperly uses a single random base, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a DH group...

CVSS 7.5, AI score 7.6, EPSS 0.00281
Exploits 0