SUSE Package Hub - openSUSE-2021-794

Update Info

openSUSE-2021-794

Security update for Botan

Type: security

Severity: important

Issued: 2021-05-25

Description:

This update for Botan fixes the following issues:

- CVE-2021-24115  In Botan before 2.17.3, or this backport, constant-time computations are not used for certain decoding and encoding operations (boo#1182670)

This update was imported from the openSUSE:Leap:15.2:Update update project.

References

CVE: CVE-2021-24115
Bugzilla: 1182670 VUL-1: CVE-2021-24115: Botan: constant-time computations are not used for certain decoding and encoding operations (base32, base58, base64, and hex).

Packages

Botan-2.10.0-bp152.4.6.1