drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Verwendung schwacher Verschlüsselung in bouncycastle
| Name: |
Verwendung schwacher Verschlüsselung in bouncycastle |
|
| ID: |
DSA-4233-1 |
|
| Distribution: |
Debian |
|
| Plattformen: |
Debian stretch |
|
| Datum: |
Sa, 23. Juni 2018, 10:29 |
|
| Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000180 |
|
| Applikationen: |
Bouncy Castle |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian Security Advisory DSA-4233-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
June 22, 2018 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : bouncycastle
CVE ID : CVE-2018-1000180
It was discovered that the low-level interface to the RSA key pair
generator of Bouncy Castle (a Java implementation of cryptographic
algorithms) could perform less Miller-Rabin primality tests than
expected.
For the stable distribution (stretch), this problem has been fixed in
version 1.56-1+deb9u2.
We recommend that you upgrade your bouncycastle packages.
For the detailed security status of bouncycastle please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/bouncycastle
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlstVJsACgkQEMKTtsN8
TjbYZw/+Ig5wYiaMaeNbnzRu8Je7e4jGvglWlqLeTX7xG2hpzaFHCeOFxTX9oJmt
r/8y/wZMhf+pV3h1KlP9nxOLEhchcL4hSAM4necgVP6odykbH0Em2yAE5i7ae9ez
oD9Ib7dUUFbRk2a19J4bVdXXUjb3YQCN1SsS5KVYfWDgzxa+dC34vhm3yfNqoPej
0sFczW7kuUUK61a9LwNmuTp8hVyvtNc5FjhK5mEB3Fi2EiYYn8UT/LNp5QElKB4i
h7P6c1Q9jw8VSqvRqlt4n2+HAreKmOS8a61hFYFV/HFoer6rOxa03YDcC0rlva7O
a0WcOzet/IzRCOJilj2TIgXBZzFb3peyzd4arTa/VCt794qHOTIElBnmvAvVeXBW
yu83IQrDYrKnwm85K0R3YUXaBzaGTeVPwnYPJnYRydlF/zxvg7l9xx7Cy7PJN2Xh
Y+visDrPob09QFNc4PYlzQ+V6vrFrygAPO7CJ7hY7KrF8nuhbt9Ygd75IBIMTqhZ
QsQlAUZ8UU7q9vVPZCZFb89ks5WyRm8O7Kdn5wzEx1Egas1/jfUzfMOUYTEl0nfM
iOk0Q0pFpbwQ+9vWZBMWYTVHXUi8jabBbJcM4g9xVzlDk2mqTVaimnFXfl28Y3aK
D8ul9kVTrOOX/jutkY46hdLOhmGo52oHDW5qiJtQL49QzC+Qm3o=
=p+RC
-----END PGP SIGNATURE-----
|
|
|
|
