Information on source package botan

Available versions

ReleaseVersion
bullseye2.17.3+dfsg-2
bookworm2.19.3+dfsg-1
trixie2.19.5+dfsg-3
sid2.19.5+dfsg-3

Open issues

BugbullseyebookwormtrixiesidDescription
CVE-2024-50383vulnerable (no DSA, postponed)vulnerable (no DSA)fixedfixedBotan before 3.6.0, when certain GCC versions are used, has a compiler ...
CVE-2024-39312vulnerable (no DSA)vulnerable (no DSA)fixedfixedBotan is a C++ cryptography library. X.509 certificates can identify e ...
CVE-2024-34703vulnerable (no DSA)vulnerable (no DSA)fixedfixedBotan is a C++ cryptography library. X.509 certificates can identify e ...
CVE-2024-34702vulnerable (no DSA)vulnerable (no DSA)fixedfixedBotan is a C++ cryptography library. X.509 certificates can identify e ...
CVE-2022-43705vulnerable (no DSA)fixedfixedfixedIn Botan before 2.19.3, it is possible to forge OCSP responses due to ...
CVE-2021-40529vulnerable (no DSA)fixedfixedfixedThe ElGamal implementation in Botan through 2.18.1, as used in Thunder ...

Open unimportant issues

BugbullseyebookwormtrixiesidDescription
CVE-2024-50382vulnerablevulnerablefixedfixedBotan before 3.6.0, when certain LLVM versions are used, has compiler- ...

Resolved issues

BugDescription
CVE-2021-24115In Botan before 2.17.3, constant-time computations are not used for ce ...
CVE-2018-20187A side-channel issue was discovered in Botan before 2.9.0. An attacker ...
CVE-2018-12435Botan 2.5.0 through 2.6.0 before 2.7.0 allows a memory-cache side-chan ...
CVE-2018-9860An issue was discovered in Botan 1.11.32 through 2.x before 2.6.0. An ...
CVE-2018-9127Botan 2.2.0 - 2.4.0 (fixed in 2.5.0) improperly handled wildcard certi ...
Search for package or bug name: Reporting problems