| Release | Version |
|---|---|
| buster | 5.6.4-8 |
| bullseye | 8.4.0-1 |
| bookworm | 8.7.0+git220824-1 |
| sid | 8.7.0+git220824-1 |
| Bug | buster | bullseye | bookworm | sid | Description |
|---|---|---|---|---|---|
| CVE-2021-40530 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | The ElGamal implementation in Crypto++ through 8.5 allows plaintext re ... |
| CVE-2019-14318 | vulnerable (no DSA) | fixed | fixed | fixed | Crypto++ 8.3.0 and earlier contains a timing side channel in ECDSA sig ... |
| Bug | buster | bullseye | bookworm | sid | Description |
|---|---|---|---|---|---|
| CVE-2021-43398 | vulnerable | vulnerable | vulnerable | vulnerable | ** DISPUTED ** Crypto++ (aka Cryptopp) 8.6.0 and earlier contains a ti ... |
| CVE-2016-7420 | vulnerable | vulnerable | vulnerable | vulnerable | Crypto++ (aka cryptopp) through 5.6.4 does not document the requiremen ... |
| Bug | Description |
|---|---|
| CVE-2017-9434 | Crypto++ (aka cryptopp) through 5.6.5 contains an out-of-bounds read v ... |
| CVE-2016-9939 | Crypto++ (aka cryptopp and libcrypto++) 5.6.4 contained a bug in its A ... |
| CVE-2016-7544 | Crypto++ 5.6.4 incorrectly uses Microsoft's stack-based _malloca and _ ... |
| CVE-2016-3995 | The timing attack protection in Rijndael::Enc::ProcessAndXorBlock and ... |
| CVE-2015-2141 | The InvertibleRWFunction::CalculateInverse function in rw.cpp in libcr ... |
| DSA / DLA | Description |
|---|---|
| DLA-766-1 | libcrypto++ - security update |
| DSA-3748-1 | libcrypto++ - security update |
| DLA-262-1 | libcrypto++ - security update |
| DSA-3296-1 | libcrypto++ - security update |