AVG-1046 log
| Package | crypto++ |
| Status | Fixed |
| Severity | High |
| Type | private key recovery |
| Affected | 8.2.0-1 |
| Fixed | 8.2.0-2 |
| Current | 8.9.0-1 [extra] |
| Ticket | None |
| Created | Sun Oct 13 14:31:28 2019 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2019-14318 | High | Yes | Private key recovery | A vulnerability has been found in the ECDSA/EdDSA implementation of crypto++ up to 8.2.0, allowing for practical recovery of the long-term private key. |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 06 Dec 2019 | ASA-201912-3 | crypto++ | private key recovery |