drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Preisgabe von Informationen in bouncycastle
Name: |
Preisgabe von Informationen in bouncycastle |
|
ID: |
DSA-3829-1 |
|
Distribution: |
Debian |
|
Plattformen: |
Debian sid, Debian jessie |
|
Datum: |
Di, 11. April 2017, 23:35 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6644 |
|
Applikationen: |
Bouncy Castle |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
- ------------------------------------------------------------------------- Debian Security Advisory DSA-3829-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff April 11, 2017 https://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : bouncycastle CVE ID : CVE-2015-6644
Quan Nguyen discovered that a missing boundary check in the Galois/Counter mode implementation of Bouncy Castle (a Java implementation of cryptographic algorithms) may result in information disclosure.
For the stable distribution (jessie), this problem has been fixed in version 1.49+dfsg-3+deb8u2.
For the upcoming stable distribution (stretch), this problem has been fixed in version 1.54-1.
For the unstable distribution (sid), this problem has been fixed in version 1.54-1.
We recommend that you upgrade your bouncycastle packages.
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAljtQBMACgkQEMKTtsN8 TjbtAhAAr0BB7KLMM3KmphxUlXmGJDCr7s3rs831xuMHDxs1hzm0ykIJg/wHp/dc LngUdeY/qlESw0YUI687LrIi1WyIbNWFSZrAVHtI4Wdflo3GR7gTi2DrcqMCUDW1 qXPpT2++lbvyiqgJsinPaw7s8IJ3YihUp/rBcJTeXQvD5zs/mjB8cEDh38jDHXeM DdFQbVrn04Sp1Q0qjGDMEw6UtpghRxrOOvWXPUx7YsD1jGAQ2ZY6CmtEiEKhbEq5 M3G3E3FN0/vAq+ViqrO5TEKSFCNuqUxQGdy+pVB/fggIDgxg5jWSMokODKJa/HoD GYn1PNUF45UXHC0KCYpEbEwOZ/YSI61cHa/nOuIzPtY+AtrbDqxFHLX1SOdeGvvH +YiZRbKCY4dRXetUQpDwzaBxmRml99i6/Tsjlp2LMYeCjMgNDNmTcy0yrPg9Wy+0 zAwm+vvlFfuvVSY4d5RI85JhWd+iKjGJGmpbPF0gNldi706PMR3juPi+3aGCe3LT Go9pev5aZMhbRQSSrTNe1p7iKFjsUbF7TaKMZ/cxOsL2n/tdyqTEYZP37Ve8pwuB taTcQS+MwlyQFpMBJbPpJfCeB+Bc97jZCZIDiJdkm+Fi8mhIW7uANxNChz+1BHb5 1hGvGE6IXTMd54kgGzMhUG9LFH8WlYlqDeKGNZfSulyrIxHZ2vU= =RACT -----END PGP SIGNATURE-----
|
|
|
|