Stay Secure with the Latest Linux Advisories

security advisoryFedoraupdate information

Fedora 29: 2018-571ea64f3d High: mbedtls Local Timing Attack

- Update to 2.14.1 - CVE-2018-19608 (#1656784) Release notes: https://www.trustedfirmware.org/projects/mbed-tls/ Security Advisory: ---- - Update to 2.14.0 Release notes:. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2018-571ea64f3d 2018-12-17 19:11:43.858092 --------------------------------------------------------------------------------Name : mbedtls Product : Fedora 29 Version : 2.14.1 Release : 1.fc29 URL : https://www.trustedfirmware.org/projects/mbed-tls/ Summary : Light-weight cryptographic and SSL/TLS library Description : Mbed TLS is a light-weight open source cryptographic and SSL/TLS library written in C. Mbed TLS makes it easy for developers to include cryptographic and SSL/TLS capabilities in their (embedded) applications with as little hassle as possible. FOSS License Exception: https://www.trustedfirmware.org/projects/mbed-tls/ --------------------------------------------------------------------------------Update Information: - Update to 2.14.1 - CVE-2018-19608 (#1656784) Release notes: https://www.trustedfirmware.org/projects/mbed-tls/ Security Advisory: ---- - Update to 2.14.0 Release notes: https://www.trustedfirmware.org/projects/mbed-tls/ --------------------------------------------------------------------------------ChangeLog: * Fri Dec 7 2018 Morten Stevens - 2.14.1-1 - Update to 2.14.1 - CVE-2018-19608 (#1656784) * Mon Dec 3 2018 Morten Stevens - 2.14.0-1 - Update to 2.14.0 --------------------------------------------------------------------------------References: [ 1 ] Bug #1656784 - CVE-2018-19608 mbedtls: Local timing attack on RSA decryption [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1656784 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2018-571ea64f3d' at the command line. Formore information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ . Ubuntu unveils openssl upgrade targeting vulnerabilities, boosting encryption features and overall system efficiency.. mbedtls Update, Fedora 29, Local Timing Attack, Cryptographic Library. . LinuxSecurity.com Team

Dec 17, 2018 Fedora