DSA-3296 libcrypto++ - security update
|
Información sobre el sistema
|
|
|
Software afectado |
Debian |
Descripción
|
Evgeny Sidorov discovered that libcrypto++, a general purpose C++cryptographic library, did not properly implement blinding to maskprivate key operations for the Rabin-Williams digital signaturealgorithm. This could allow remote attackers to mount a timing attackand retrieve the users private key.
More info:
https://www.debian.org/security/2015/dsa-3296 |
Identificadores estándar
|
Propiedad |
Valor |
CVE |
CVE-2015-2141 and DSA-3296. |