ALT Linux Team

Package libbotan update in sisyphus on 2021-01-22

ALT-PU-2021-1113-1

Package libbotan updated to version 2.17.3-alt1 for branch sisyphus in task 265028.

Closed vulnerabilities

Published: 2021-02-22
Modified: 2024-11-21

CVE-2021-24115

In Botan before 2.17.3, constant-time computations are not used for certain decoding and encoding operations (base32, base58, base64, and hex).

Severity: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References:
VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.0
Back to top