diff options
| author | Red Davies <red@infect.me> | 2020-11-21 00:44:06 -0500 |
|---|---|---|
| committer | Red Davies <red@infect.me> | 2020-11-24 14:11:14 -0500 |
| commit | 93b523d030aa03b954ac9c42f62e8dc458c376b6 (patch) | |
| tree | c5eeefdd096c113a33ee3f3a7110702449f530d9 /pkgs/development/python-modules/python-mapnik/python-mapnik_std_optional.patch | |
| parent | 65c4e2500f25076a2db330b8953410faab817420 (diff) | |
botan2: update 2.7.0 -> 2.9.0
Fixes:
CVE-2018-12435: requires >= 2.7.0 (NVD extry is incorrect)
"Bug introduced in 2.5.0, fixed in 2.7.0. The 1.10 branch is not affected."
A side channel in the ECDSA signature operation could allow a local attacker to recover the secret key.
CVE-2018-20187: requires >= 2.9.0
"Introduced in 1.11.20, fixed in 2.8.0."
A timing side channel during ECC key generation could leak information about the high bits of the secret scalar. Such information allows an attacker to perform a brute force attack on the key somewhat more efficiently than they would otherwise.
Diffstat (limited to 'pkgs/development/python-modules/python-mapnik/python-mapnik_std_optional.patch')
0 files changed, 0 insertions, 0 deletions