exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Debian Security Advisory 3296-1

Debian Security Advisory 3296-1
Posted Jun 29, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3296-1 - Evgeny Sidorov discovered that libcrypto++, a general purpose C++ cryptographic library, did not properly implement blinding to mask private key operations for the Rabin-Williams digital signature algorithm. This could allow remote attackers to mount a timing attack and retrieve the user's private key.

tags | advisory, remote
systems | linux, debian
advisories | CVE-2015-2141
SHA-256 | 4707bd24eba3fb745274e22475d0cd9ef7b5c266fc91bff5bcd81208fc794025

Debian Security Advisory 3296-1

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3296-1 security@debian.org
https://www.debian.org/security/ Alessandro Ghedini
June 29, 2015 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : libcrypto++
CVE ID : CVE-2015-2141

Evgeny Sidorov discovered that libcrypto++, a general purpose C++
cryptographic library, did not properly implement blinding to mask
private key operations for the Rabin-Williams digital signature
algorithm. This could allow remote attackers to mount a timing attack
and retrieve the user's private key.

For the oldstable distribution (wheezy), this problem has been fixed
in version 5.6.1-6+deb7u1.

For the stable distribution (jessie), this problem has been fixed in
version 5.6.1-6+deb8u1.

For the testing distribution (stretch), this problem will be fixed
in version 5.6.1-7.

For the unstable distribution (sid), this problem has been fixed in
version 5.6.1-7.

We recommend that you upgrade your libcrypto++ packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJVkQXjAAoJEK+lG9bN5XPLGCoP/jlLKGCEKcVIyNFSzNQ3r/K2
j9pYi/aRG8XtKXawti8cG33nhXbjlqKf96kGPHx7Deu9CBiDm5prscfGqUGfc6ru
vQhdkamghhI8OsLKeitqHXPFNDleFXa3UlwomBNIqUXzQyREDidQJKZhhg1RS5dY
sovbJtUwm0H7F98+u1tEE3tyQQC8VcX3xXncXgVMV4HcVcOj+4tEl64PljUSeGzW
Hz2FqQLqk4t7ckT31vlKtVQivAvPiDVu0EazTAnnQkm0FEQCScVCdQz744Ox5RzO
P/nuYuK2n5QuI9/0LbnCniEY1wqIKvkXh00lrG00QKbtWpdw891nc7FoMeO6qfLe
jVYiJjfV5/tJwFYGr5Dd9ShPXQUR7UnIPh3rgAIYWhYkYE0KHhUBZXcVElSOwCOR
ZXuZ9F6I9cXX8NLRBULfXXasPNLi+gYMYcGbF9y1dDaYXH+sskuRXWh1tat2PvuO
6e4u49UyiVvd5GnUWv5IIJJcrCoCayewRsHBsddeagtgtXCA+LRLg9uylm1HELNL
rjG+yZcoMRmojyCiEHN5xJekjkK0P82moURBTKq1cnL6eb3GhGB95VJ4UKqg/RNS
iGnxrfijoK5ZN7m8qylvoVQExQ8q1nOKSJT1lcpvFAVyFh4RVcjuMALsVIOgVURC
Xg0YheXBZs4lRtCcKLtl
=NhFp
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

September 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    23 Files
  • 2
    Sep 2nd
    12 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    0 Files
  • 5
    Sep 5th
    10 Files
  • 6
    Sep 6th
    8 Files
  • 7
    Sep 7th
    30 Files
  • 8
    Sep 8th
    14 Files
  • 9
    Sep 9th
    26 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    5 Files
  • 13
    Sep 13th
    28 Files
  • 14
    Sep 14th
    15 Files
  • 15
    Sep 15th
    17 Files
  • 16
    Sep 16th
    9 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    12 Files
  • 20
    Sep 20th
    15 Files
  • 21
    Sep 21st
    20 Files
  • 22
    Sep 22nd
    13 Files
  • 23
    Sep 23rd
    12 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    30 Files
  • 27
    Sep 27th
    27 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close