UbuntuUpdates.org

Package "libtomcrypt-dev"

Name: libtomcrypt-dev

Description:

static library, header files and documentation for libtomcrypt

Latest version: 1.17-7ubuntu0.1
Release: xenial (16.04)
Level: updates
Repository: universe
Head package: libtomcrypt
Homepage: http://libtom.net/

Links


Download "libtomcrypt-dev"


Other versions of "libtomcrypt-dev" in Xenial

Repository Area Version
base universe 1.17-7
security universe 1.17-7ubuntu0.1

Changelog

Version: 1.17-7ubuntu0.1 2018-08-06 22:06:52 UTC

  libtomcrypt (1.17-7ubuntu0.1) xenial-security; urgency=medium

  * SECURITY UPDATE: Fix possible bleichenbacher signature attack.
    - debian/patches/CVE-2016-6129.patch: fix in
      src/pk/rsa/rsa_verify_hash.c
    - CVE-2016-6129

  * SECURITY UPDATE: Memory side-channel attack on ECDSA signatures.
    - debian/patches/CVE-2018-12437.patch: fix in
      src/pk/ecc/ecc_sign_hash.c
    - CVE-2018-12437

 -- Eduardo Barretto <email address hidden> Mon, 06 Aug 2018 14:23:25 -0300

CVE-2016-6129 The rsa_verify_hash_ex function in rsa_verify_hash.c in LibTomCrypt, as used in OP-TEE before 2.2.0, does not validate that the message length is equ
CVE-2018-12437 LibTomCrypt through 1.18.1 allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To di



About   -   Send Feedback to @ubuntu_updates