Overview

File _patchinfo of Package patchinfo.5777

<patchinfo incident="5777">
  <issue id="1060433" tracker="bnc">VUL-0: CVE-2017-14737: Botan: A cryptographic cache-based side channel in the RSA implementation allows local attacker to recover information about RSA secret keys.</issue>
  <issue id="2017-14737" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>dmolkentin</packager>
  <description>This update for Botan fixes the following issues:

This security issue was fixed:

- CVE-2017-14737: A cryptographic cache-based side channel in the RSA
  implementation in Botan allowed a local attacker to recover information about
  RSA secret keys, as demonstrated by CacheD. This occured because an array is
  indexed with bits derived from a secret key (bsc#1060433).
</description>
  <summary>Security update for Botan</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places