Advisories ยป MGASA-2017-0422

Updated botan packages fix security vulnerability

Publication date: 20 Nov 2017
Type: security
Affected Mageia releases : 5 , 6
CVE: CVE-2017-14737

Description

In the Montgomery exponentiation code, a table of precomputed values is
used. An attacker able to analyze which cache lines were accessed
(perhaps via an active attack such as Prime+Probe) could recover
information about the exponent (CVE-2017-14737).
                

References

SRPMS

5/core

6/core