MGASA-2016-0369

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2016-0369.html

Import Source

https://advisories.mageia.org/MGASA-2016-0369.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2016-0369

Related

CVE-2016-6129

Published

2016-11-06T13:37:17Z

Modified

2016-11-06T13:27:18Z

Summary

Updated libtomcrypt packages fix security vulnerability

Details

It was discovered that the implementation of RSA signature verification in libtomcrypt is vulnerable to the Bleichenbacher signature attack. If an RSA key with exponent 3 is used it may be possible to forge a PKCS#1 v1.5 signature signed by that key (CVE-2016-6129).

References

https://advisories.mageia.org/MGASA-2016-0369.html
https://bugs.mageia.org/show_bug.cgi?id=19305
http://lwn.net/Alerts/699791/

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

MGASA-2016-0369

Affected packages