FYI... This was sent to our package maintainers.
---------- Forwarded message ----------
From: Jeffrey Walton <nolo...@gmail.com>
Date: Thu, Apr 7, 2016 at 7:22 PM
Subject: Re: Potential Crypto++ security bug against AES hardening and timing attacks
To: ...
Hi Everyone,
We checked in the fix for the issue at:
* http://github.com/weidai11/cryptopp/commit/9f335d719ebc27f58251559240de0077ec42c583
We also picked up the improvement for constant propagation:
* http://github.com/weidai11/cryptopp/commit/50e5c14c18671726d23479b5e0cadc4224100259
We have not received feedback on the imperativeness of a CVE, so we
are going to handle this as a normal bug fix.
Jeff
On Wed, Apr 6, 2016 at 4:35 PM, Jeffrey Walton <nolo...@gmail.com> wrote:
> Hi Everyone,
>
> We are tracking a potential security bug in Crypto++. The issue was
> reported at http://github.com/weidai11/cryptopp/issues/146.
>
> The bug is due to the optimizer discarding some code that was intended
> to harden AES against some side channel attacks. It's hard to gauge
> impact, but I'm guessing it could lead to key recovery in some
> circumstances.
>
> We will have a patch shortly.
>
> If it merits a CVE, then we will likely release Crypto++ 5.6.4 in the
> next 15 to 30 days. I'm waiting to hear back from some Red Hat folks
> on the need for a CVE.
>
> László - any thoughts on a CVE from Debian's perspective?
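The failure mode the thread describes, a cache-preload loop whose result nothing consumes, so the optimizer is free to delete it, is easy to reproduce in isolation. The following is an added example and is not Crypto++ code or the fix referenced above: the 256-word table, the cache-line stride and the volatile-sink pattern are assumptions chosen for illustration, not a description of what the linked commit changed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-in for one AES T-table: 256 32-bit words (1 KiB).
 * Entry i has every byte equal to i, so the fold below has a known value
 * (OR over i = 0, 16, ..., 240 gives 0xF0F0F0F0). */
#define TABLE_WORDS 256u
#define CACHE_LINE_BYTES 64u
#define WORDS_PER_LINE (CACHE_LINE_BYTES / sizeof(uint32_t))

static uint32_t table[TABLE_WORDS];

void init_table(void)
{
    for (size_t i = 0; i < TABLE_WORDS; i++)
        table[i] = (uint32_t)i * 0x01010101u;
}

/* "Before": touch one word per cache line so the whole table is resident
 * before the first key-dependent lookup. Nothing observes u afterwards, so
 * at -O2 the compiler may legally delete the loads and the loop with them;
 * the hardening then exists only in the source file. */
void preload_discarded(void)
{
    uint32_t u = 0;
    for (size_t i = 0; i < TABLE_WORDS; i += WORDS_PER_LINE)
        u |= table[i];
    (void)u; /* silences the unused-value warning; does not keep the loads */
}

/* "After": fold the loads into a volatile sink. A volatile store is an
 * observable side effect, so the loads that feed it must be performed.
 * (Assumed fix pattern for this example; on GCC/Clang an empty asm
 * statement taking u as an input operand achieves the same thing.) */
volatile uint32_t preload_sink;

uint32_t preload_retained(void)
{
    uint32_t u = 0;
    for (size_t i = 0; i < TABLE_WORDS; i += WORDS_PER_LINE)
        u |= table[i];
    preload_sink = u;
    return preload_sink; /* read back through the volatile, for checking */
}

int main(void)
{
    init_table();
    preload_discarded();
    printf("fold through volatile sink: 0x%08x\n",
           (unsigned)preload_retained());
    return 0;
}
```

To see the difference rather than trust it, compile with `gcc -O2 -S` or `clang -O2 -S` and read the assembly: `preload_discarded` compiles to an immediate return with no table accesses, while `preload_retained` still contains the sixteen loads feeding the store to `preload_sink`. That inspection step, not the source, is the only evidence that a hardening loop survived the optimizer. The retained preload is also only a mitigation: it shrinks the window for cache-timing attacks on table-driven AES but does not make the lookups constant-time.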