VDB
GCVE-110-MAGEIA-2016-147
GCVE-110-MAGEIA-2016-147
Advisory Published
Updated libcryptopp packages fix security vulnerability:
In libcryptopp, for both Rijndael::Enc::ProcessAndXorBlock and
Rijndael::Dec::ProcessAndXorBlock there is some code to avoid timing attacks,
however it is removed by the compiler due to optimizations, making the binary
vulnerable to timing attacks (CVE-2016-3995).
This update also corrects some bugs with the package.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | libcryptopp | 0 (affected), 5.6.3-1.1.mga5 (unaffected) | — |
Aliases
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.