[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 915-1] botan1.10 security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : botan1.10
Version        : 1.10.5-1+deb7u3
CVE ID         : CVE-2017-2801
Debian Bug     : 860072


A bug in X509 DN string comparisons could result in out of bound reads. This could result in information leakage, denial of service, or potentially incorrect certificate validation results.


For Debian 7 "Wheezy", these problems have been fixed in version
1.10.5-1+deb7u3.

We recommend that you upgrade your botan1.10 packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQJ7BAEBCgBmBQJY/6adXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5
NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hHL5gP+JodehfT1ijWVRcfWpQ0uLI2
rgh1wmsBetup2geIa4VeBT/lfpB7Zc9vtmTFAcBEmfpDQSAqUmYbwrqX4C3DM3yn
/AqEZlm/bm+lq1k/Y1FVP8WtOv0siInpXgPOYY2OLarCadbMQo7zFMIGGqoLK937
SD9JjzDU/2vPUjhXx/ZwIjivbX6BhG/bMpw6S4LiOGbaHq43AlrSRHvwhVvFsRud
QvWdbZG0wpQsuIsUjzO6I835lQBDz+ZLV40pkhmS8UcJQp4hahUpf4rhTdQBBOP4
LNL5DtlbtiNv2Np+qzGTI6pesaaSamp6QZ5Wh5CZjU3nDJMfRL7U+k1rCxOpBcm+
jgTlWswIMZu06Wmawt3eV7mLXyTQ7jRY2o7ZwqDC4L1Mzulldd7lo9ck37mxe6jd
o6rETa/5yzvzpJphYBMS5jfhXa2TFOKe00FumIfaDE3ll38dLdWK4sibvjDayLcy
KcpOXeZNUmMSiFyK5k+x7Q2uEe97T0nK5mWHI4ngG6EmP/hd8gsmXMOZsJcbGIp/
qSZcisJfc1+U4JxZ3qAa2q7DRHbDh+5mzUOYs4HYLB2pPF0h+9+PT3oxrULGjQ5r
LF9cJi4v9DOrgec+/vWgLAvoOOZRE0ONtThO9qnrMaeETa0ko913zE1DHx9yo2rg
mN/oPNHCiW+H+XPNkhA=
=/dkk
-----END PGP SIGNATURE-----


Reply to: