Date: Mon, 14 Jan 2019 13:20:37 +0000 From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 234938] security/botan2: update to 2.9.0 (fixes CVE-2018-20187) Message-ID: <bug-234938-7788@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D234938 Bug ID: 234938 Summary: security/botan2: update to 2.9.0 (fixes CVE-2018-20187) Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Some People Priority: --- Component: Individual Port(s) Assignee: ports-bugs@FreeBSD.org Reporter: tremere@cainites.net Created attachment 201121 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D201121&action= =3Dedit Update to botan2 2.9.0 This update fixes the following security advisory: - CVE-2018-20187 Address a side channel during ECC key generation, which us= ed an unblinded Montgomery ladder. As a result, a timing attack can reveal information about the high bits of the secret key. Full changelog: https://botan.randombit.net/news.html#version-2-9-0-2019-01= -04 --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-234938-7788>