--------------------------------------------------------------------------------Fedora Update Notification
FEDORA-2018-98ab6b4e56
2018-07-11 19:27:57.419836
--------------------------------------------------------------------------------Name        : botan2
Product     : Fedora 27
Version     : 2.7.0
Release     : 1.fc27
URL         : https://botan.randombit.net/
Summary     : Crypto and TLS for C++11
Description :
Botan is a BSD-licensed crypto library written in C++. It provides a
wide variety of basic cryptographic algorithms, X.509 certificates and
CRLs, PKCS \#10 certificate requests, a filter/pipe message processing
system, and a wide variety of other features, all written in portable
C++. The API reference, tutorial, and examples may help impart the
flavor of the library. This is the current stable release branch 2.x
of Botan.

--------------------------------------------------------------------------------Update Information:

Update Botan2 to 2.7.0.  Focus of this release is on performance and side
channel hardening.  - Address side channels in RSA key generation and ECDSA
signing  - Side channel hardening in many core algorithms (modular
exponentiation, ECC scalar multiply, Karatsuba multiplication, Barrett
reduction, etc) to reduce the risk of future exploitable side channels.  - Many
optimizations for ECC operations, RSA (including key gen), DSA, DH, and XMSS.
Typical speedups vs 2.6.0 is 10 to 40% depending on operation and key size.  -Add Scrypt password hashing. Also supported is using Scrypt to derive keys for
private key encryption (format compatible with upcoming OpenSSL 1.1.1)  - Add
base32 encoding/decoding  - Plus many bug fixes and smaller enhancements
documented in the [release
notes](https://botan.randombit.net/news.html#version-2-7-0-2018-07-02)
--------------------------------------------------------------------------------References:

  [ 1 ] Bug #1591831 - CVE-2018-12435 botan: memory-cache side-channel attack on ECDSA signatures
        https://bugzilla.redhat.com/show_bug.cgi?id=1591831
  [ 2 ] Bug #1591163 - CVE-2018-0495 openssl: ROHNP - Key Extraction Side Channel in Multiple Crypto Libraries
        https://bugzilla.redhat.com/show_bug.cgi?id=1591163
--------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2018-98ab6b4e56' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFRHQ7MB53ZRVKO3BAF3WDWTS6A7CC7K/

Fedora 27: botan2 Security Update

July 11, 2018
Update Botan2 to 2.7.0

Summary

Botan is a BSD-licensed crypto library written in C++. It provides a

wide variety of basic cryptographic algorithms, X.509 certificates and

CRLs, PKCS \#10 certificate requests, a filter/pipe message processing

system, and a wide variety of other features, all written in portable

C++. The API reference, tutorial, and examples may help impart the

flavor of the library. This is the current stable release branch 2.x

of Botan.

Update Botan2 to 2.7.0. Focus of this release is on performance and side

channel hardening. - Address side channels in RSA key generation and ECDSA

signing - Side channel hardening in many core algorithms (modular

exponentiation, ECC scalar multiply, Karatsuba multiplication, Barrett

reduction, etc) to reduce the risk of future exploitable side channels. - Many

optimizations for ECC operations, RSA (including key gen), DSA, DH, and XMSS.

Typical speedups vs 2.6.0 is 10 to 40% depending on operation and key size. -Add Scrypt password hashing. Also supported is using Scrypt to derive keys for

private key encryption (format compatible with upcoming OpenSSL 1.1.1) - Add

base32 encoding/decoding - Plus many bug fixes and smaller enhancements

documented in the [release

notes](https://botan.randombit.net/news.html#version-2-7-0-2018-07-02)

[ 1 ] Bug #1591831 - CVE-2018-12435 botan: memory-cache side-channel attack on ECDSA signatures

https://bugzilla.redhat.com/show_bug.cgi?id=1591831

[ 2 ] Bug #1591163 - CVE-2018-0495 openssl: ROHNP - Key Extraction Side Channel in Multiple Crypto Libraries

https://bugzilla.redhat.com/show_bug.cgi?id=1591163

su -c 'dnf upgrade --advisory FEDORA-2018-98ab6b4e56' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFRHQ7MB53ZRVKO3BAF3WDWTS6A7CC7K/

FEDORA-2018-98ab6b4e56 2018-07-11 19:27:57.419836 Product : Fedora 27 Version : 2.7.0 Release : 1.fc27 URL : https://botan.randombit.net/ Summary : Crypto and TLS for C++11 Description : Botan is a BSD-licensed crypto library written in C++. It provides a wide variety of basic cryptographic algorithms, X.509 certificates and CRLs, PKCS \#10 certificate requests, a filter/pipe message processing system, and a wide variety of other features, all written in portable C++. The API reference, tutorial, and examples may help impart the flavor of the library. This is the current stable release branch 2.x of Botan. Update Botan2 to 2.7.0. Focus of this release is on performance and side channel hardening. - Address side channels in RSA key generation and ECDSA signing - Side channel hardening in many core algorithms (modular exponentiation, ECC scalar multiply, Karatsuba multiplication, Barrett reduction, etc) to reduce the risk of future exploitable side channels. - Many optimizations for ECC operations, RSA (including key gen), DSA, DH, and XMSS. Typical speedups vs 2.6.0 is 10 to 40% depending on operation and key size. -Add Scrypt password hashing. Also supported is using Scrypt to derive keys for private key encryption (format compatible with upcoming OpenSSL 1.1.1) - Add base32 encoding/decoding - Plus many bug fixes and smaller enhancements documented in the [release notes](https://botan.randombit.net/news.html#version-2-7-0-2018-07-02) [ 1 ] Bug #1591831 - CVE-2018-12435 botan: memory-cache side-channel attack on ECDSA signatures https://bugzilla.redhat.com/show_bug.cgi?id=1591831 [ 2 ] Bug #1591163 - CVE-2018-0495 openssl: ROHNP - Key Extraction Side Channel in Multiple Crypto Libraries https://bugzilla.redhat.com/show_bug.cgi?id=1591163 su -c 'dnf upgrade --advisory FEDORA-2018-98ab6b4e56' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFRHQ7MB53ZRVKO3BAF3WDWTS6A7CC7K/

Change Log

References

Update Instructions

Severity
Product : Fedora 27
Version : 2.7.0
Release : 1.fc27
URL : https://botan.randombit.net/
Summary : Crypto and TLS for C++11

Related News

22.Lock ScreenEffect Esm H320
2 - 3 min read
Red Hat recently released its newest enterprise Linux distro, Red Hat Enterprise Linux (RHEL) 9.4 , which introduces several features designed to
8.Locks HexConnections CodeGlobe Esm H320
1 - 2 min read
The latest release of Debian , one of the oldest and most trusted distributions within the Linux ecosystem, redefines security, stability, and
20.Lock AbstractDigital Circular Esm H320
1 - 2 min read
The Ubuntu security team has recently discovered and addressed multiple vulnerabilities in the Apache HTTP Server. The vulnerabilities affected
1.Penguin Landscape Esm H320
1 - 2 min read
A critical vulnerability was discovered in the Linux kernel's netfilter subsystem, specifically within the nf_tables component, posing potential
19.Laptop Bed Esm H320
2 - 3 min read
The release of Google Chrome 124 addresses four vulnerabilities, including a critical security flaw that can enable attackers to execute arbitrary
23.Tablet Connections Esm H320
2 - 3 min read
The release of Ubuntu 24.04 LTS , also known as Noble Numbat, brings various security enhancements and exciting new features . These improvements
4.Lock AbstractDigital Esm H320
2 - 3 min read
Tails 6.2 is a new Linux distribution release that expands its multilingual support and improves security features. The distribution is a
19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved