Login
Newsletter
Werbung

Sicherheit: Verwendung schwacher Verschlüsselung in bouncycastle
Aktuelle Meldungen Distributionen
Name: Verwendung schwacher Verschlüsselung in bouncycastle
ID: DSA-4233-1
Distribution: Debian
Plattformen: Debian stretch
Datum: Sa, 23. Juni 2018, 10:29
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000180
Applikationen: Bouncy Castle

Originalnachricht

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4233-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
June 22, 2018 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : bouncycastle
CVE ID : CVE-2018-1000180

It was discovered that the low-level interface to the RSA key pair
generator of Bouncy Castle (a Java implementation of cryptographic
algorithms) could perform less Miller-Rabin primality tests than
expected.

For the stable distribution (stretch), this problem has been fixed in
version 1.56-1+deb9u2.

We recommend that you upgrade your bouncycastle packages.

For the detailed security status of bouncycastle please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/bouncycastle

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlstVJsACgkQEMKTtsN8
TjbYZw/+Ig5wYiaMaeNbnzRu8Je7e4jGvglWlqLeTX7xG2hpzaFHCeOFxTX9oJmt
r/8y/wZMhf+pV3h1KlP9nxOLEhchcL4hSAM4necgVP6odykbH0Em2yAE5i7ae9ez
oD9Ib7dUUFbRk2a19J4bVdXXUjb3YQCN1SsS5KVYfWDgzxa+dC34vhm3yfNqoPej
0sFczW7kuUUK61a9LwNmuTp8hVyvtNc5FjhK5mEB3Fi2EiYYn8UT/LNp5QElKB4i
h7P6c1Q9jw8VSqvRqlt4n2+HAreKmOS8a61hFYFV/HFoer6rOxa03YDcC0rlva7O
a0WcOzet/IzRCOJilj2TIgXBZzFb3peyzd4arTa/VCt794qHOTIElBnmvAvVeXBW
yu83IQrDYrKnwm85K0R3YUXaBzaGTeVPwnYPJnYRydlF/zxvg7l9xx7Cy7PJN2Xh
Y+visDrPob09QFNc4PYlzQ+V6vrFrygAPO7CJ7hY7KrF8nuhbt9Ygd75IBIMTqhZ
QsQlAUZ8UU7q9vVPZCZFb89ks5WyRm8O7Kdn5wzEx1Egas1/jfUzfMOUYTEl0nfM
iOk0Q0pFpbwQ+9vWZBMWYTVHXUi8jabBbJcM4g9xVzlDk2mqTVaimnFXfl28Y3aK
D8ul9kVTrOOX/jutkY46hdLOhmGo52oHDW5qiJtQL49QzC+Qm3o=
=p+RC
-----END PGP SIGNATURE-----
Pro-Linux
Unterstützer werden
Neue Nachrichten
Werbung