Date: Thu, 16 Aug 2018 08:50:22 +0000 From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 230666] [maintainer-update] security/botan2: update to 2.7.0 Message-ID: <bug-230666-7788@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D230666 Bug ID: 230666 Summary: [maintainer-update] security/botan2: update to 2.7.0 Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Some People Priority: --- Component: Individual Port(s) Assignee: ports-bugs@FreeBSD.org Reporter: tremere@cainites.net Created attachment 196248 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D196248&action= =3Dedit Update to Botan 2.7.0 Most notable fix: 2018-06-13 (CVE-2018-12435): ECDSA side channel A side channel in the ECDSA signature operation could allow a local attacke= r to recover the secret key. Found by Keegan Ryan of NCC Group. Bug introduced in 2.5.0, fixed in 2.7.0. The 1.10 branch is not affected. Full changelog: https://botan.randombit.net/news.html#version-2-7-0-2018-07= -02 Poudriere buildlog: https://pkg.cainites.net/build.html?mastername=3Dfreebsd_11x64-system&build= =3D2018-08-16_10h32m16s --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-230666-7788>