Format: 1.8 Date: Sat, 20 Aug 2016 16:56:27 -0700 Source: botan1.10 Binary: botan1.10-dbg libbotan-1.10-0 libbotan1.10-dev Architecture: source Version: 1.10.5-1+deb7u1ubuntu0.14.04.1 Distribution: trusty-security Urgency: high Maintainer: Ubuntu Developers Changed-By: Steve Beattie Description: botan1.10-dbg - multiplatform crypto library (debug) libbotan-1.10-0 - multiplatform crypto library libbotan1.10-dev - multiplatform crypto library (development) Changes: botan1.10 (1.10.5-1+deb7u1ubuntu0.14.04.1) trusty-security; urgency=medium . * Security merge from Debian. . botan1.10 (1.10.5-1+deb7u1) wheezy-security; urgency=high . * Non-maintainer upload by the LTS team. * CVE-2014-9742: Fix insufficient randomness in Miller-Rabin primality check. * CVE-2015-5726: Fix crash in BER decoder. * CVE-2015-5727: Fix excess memory allocation in BER decoder. * CVE-2015-7827: Fix PKCS #1 v1.5 decoding was not constant time. * CVE-2016-2194: Fix infinite loop in modulur square root algorithm. * CVE-2016-2195: Fix Heap overflow on invalid ECC point. * CVE-2016-2849: Use constant time modular inverse algorithm to avoid possible side channel attack against ECDSA. Checksums-Sha1: 707f6593c782aef84888c74304fbbc08dee0612b 2194 botan1.10_1.10.5-1+deb7u1ubuntu0.14.04.1.dsc 4e561889dd1bede4992761fad949c29065382525 18237 botan1.10_1.10.5-1+deb7u1ubuntu0.14.04.1.debian.tar.gz Checksums-Sha256: e5e767f24a2a847247e7330010eaba4e6bdd2efcd477f8397de8b120eebf2bfd 2194 botan1.10_1.10.5-1+deb7u1ubuntu0.14.04.1.dsc c3e80646911aaca8eacafab60f702ccd5e0548e03963dbc8181dc4c03abeaddc 18237 botan1.10_1.10.5-1+deb7u1ubuntu0.14.04.1.debian.tar.gz Files: bd538fe7405951c78cd2ec2df90fb685 2194 libs optional botan1.10_1.10.5-1+deb7u1ubuntu0.14.04.1.dsc 9e3de02f66546df525061514b281de8a 18237 libs optional botan1.10_1.10.5-1+deb7u1ubuntu0.14.04.1.debian.tar.gz Original-Maintainer: Ondřej Surý