botan
| Link | package | bugs open | bugs closed | Wiki | GitHub | web search |
| Description | Crypto library written in C++ |
| Version | 3.9.0-1 [extra] |
Resolved
| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-2362 | 2.18.1-1 | 2.18.2-1 | Medium | Fixed | |
| AVG-416 | 2.2.0-1 | 2.3.0-1 | Medium | Fixed |
| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2021-40529 | AVG-2362 | Medium | Yes | Information disclosure | The ElGamal implementation in Botan before version 2.18.2, as used in Thunderbird and other products, allows plaintext recovery because, during interaction... |
| CVE-2017-14737 | AVG-416 | Medium | No | Information disclosure | A cryptographic cache-based side channel in the RSA implementation in Botan before 1.10.17, and 1.11.x and 2.x before 2.3.0, allows a local attacker to... |
Advisories
| Date | Advisory | Group | Severity | Type |
|---|---|---|---|---|
| 12 Oct 2017 | ASA-201710-17 | AVG-416 | Medium | information disclosure |