Description
The Miller-Rabin primality check in Botan before 1.10.8 and 1.11.x before
1.11.9 improperly uses a single random base, which makes it easier for
remote attackers to defeat cryptographic protection mechanisms via a DH
group.
Notes
| seth-arnold | "Introduced in 1.8.3, fixed in 1.10.8 and 1.11.9" |
Package
| Upstream: | released
(1.10.8-1)
|
| Ubuntu 14.04 ESM: | DNE
(trusty was released [1.10.5-1+deb7u1ubuntu0.14.04.1])
|
| Ubuntu 20.04 FIPS Compliant: | not-affected
|
Patches:
Updated: 2022-04-13 12:03:11 UTC (commit f411bd370d482ef4385c4e751d121a4055fbc009)