Updated libtomcrypt packages fix security vulnerabilityPublication date: 15 Aug 2018
Affected Mageia releases : 6
CVE: CVE-2018-0739 , CVE-2018-12437
libtomcrypt has been updated to secure it against two security vulnerabilities. A problem in the ASN.1 parser could cause a stack overflow and a resulting denial of service when parsing deeply recursive ASN.1 types (CVE-2018-0739). An attacker capable of triggering signatures and mounting a side channel attack against a victim can extract an ECDSA key in a practical amount of time (CVE-2018-12437).