| Release | Version |
|---|---|
| buster | 2.9.0-2 |
| bullseye | 2.17.3+dfsg-2 |
| bookworm | 2.19.3+dfsg-1 |
| trixie | 2.19.3+dfsg-1 |
| sid | 2.19.3+dfsg-1 |
| Bug | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|
| CVE-2022-43705 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | In Botan before 2.19.3, it is possible to forge OCSP responses due to ... |
| CVE-2021-40529 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | The ElGamal implementation in Botan through 2.18.1, as used in Thunder ... |
| CVE-2021-24115 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | In Botan before 2.17.3, constant-time computations are not used for ce ... |
| Bug | Description |
|---|---|
| CVE-2018-20187 | A side-channel issue was discovered in Botan before 2.9.0. An attacker ... |
| CVE-2018-12435 | Botan 2.5.0 through 2.6.0 before 2.7.0 allows a memory-cache side-chan ... |
| CVE-2018-9860 | An issue was discovered in Botan 1.11.32 through 2.x before 2.6.0. An ... |
| CVE-2018-9127 | Botan 2.2.0 - 2.4.0 (fixed in 2.5.0) improperly handled wildcard certi ... |