Fedora 39: FEDORA-2023-45b3e123a7 Moderate Risk: rust-crypto-bor Info Leak
fedora
October 3, 2023
- Update the aes-gcm crate to version 0.10.3
Summary
Pure Rust implementation of the AES-GCM (Galois/Counter Mode)
Authenticated Encryption with Associated Data (AEAD) Cipher with
optional architecture-specific hardware acceleration.
Update Information:
- Update the aes-gcm crate to version 0.10.3. Addresses CVE-2023-42811. - Rebuild dependent packages (firecracker) for aes-gcm v0.10.3. https://www.cve.org/CVERecord?id=CVE-2023-42811
Topics Covered
Change Log
* Sun Sep 24 2023 Fabio Valentini
References
[ 1 ] Bug #2240269 - CVE-2023-42811 rust-aes-gcm: aes-gcm: Plaintext exposed in decrypt_in_place_detached even on tag verification failure [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2240269
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-17bdd59177' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Name: rust-aes-gcm
Product: Fedora 39
Version: 0.10.3
Release: 1.fc39
URL: Summary : Pure Rust implementation of the AES-GCM AEAD Cipher
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!