[ubuntu/oracular-security] botan 2.19.3+dfsg-1ubuntu2.1 (Accepted)
Bruce Cable
bruce.cable at canonical.com
Mon Jun 23 01:17:55 UTC 2025
botan (2.19.3+dfsg-1ubuntu2.1) oracular-security; urgency=medium
* SECURITY UPDATE: Compiler Optimization Fault
- debian/patches/CVE-2024-50382-CVE-2024-50383.patch: Add more value
barriers to avoid compiler induced side channels
- CVE-2024-50382
- CVE-2024-50383
* SECURITY UPDATE: Denial of Service
- debian/patches/CVE-2024-34702.patch: Address various name
constraint bugs
- debian/patches/CVE-2024-34703.patch: When decoding an arbitrary
elliptic curve, set an upper bound on length
- CVE-2024-34702
- CVE-2024-34703
* SECURITY UPDATE: Certificate Bypass
- debian/patches/CVE-2024-39312.patch: During X.509 verification,
first check the signatures
- CVE-2024-39312
Date: 2025-06-19 04:15:15.122570+00:00
Changed-By: Bruce Cable <bruce.cable at canonical.com>
https://launchpad.net/ubuntu/+source/botan/2.19.3+dfsg-1ubuntu2.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the oracular-changes
mailing list