diff options
author | Jack Lloyd <[email protected]> | 2015-10-15 12:35:53 -0400 |
---|---|---|
committer | Jack Lloyd <[email protected]> | 2015-10-15 12:35:53 -0400 |
commit | ecd6d9de95fceba95aaf6e93a0543b05ef6a8369 (patch) | |
tree | 5e8f2ecad3640574b14fb3a5ba5dc350cce7b3a5 /doc/security.rst | |
parent | 7335eefcf419a2ab7a770c3aa6fbb06956891bad (diff) |
Add security notifications/advisory page to website.
Based on GH #272
Diffstat (limited to 'doc/security.rst')
-rw-r--r-- | doc/security.rst | 51 |
1 files changed, 51 insertions, 0 deletions
diff --git a/doc/security.rst b/doc/security.rst new file mode 100644 index 000000000..4b36fa717 --- /dev/null +++ b/doc/security.rst @@ -0,0 +1,51 @@ + +Security +======================================== + +If you think you have found a security bug in Botan please contact +Jack Lloyd ([email protected]). If you would like to encrypt your +mail please use:: + + pub rsa3072/57123B60 2015-03-23 + Key fingerprint = 4E60 C735 51AF 2188 DF0A 5A62 78E9 8043 5712 3B60 + uid Jack Lloyd <[email protected]> + +This key can be found in the file `pgpkey.txt` or online at +https://keybase.io/jacklloyd and on most PGP keyservers. + +Advisories +---------------------------------------- + +2015 +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +* 2015-08-03 (CVE-2015-5726) + + The BER decoder would crash due to reading from offset 0 of an empty vector if + it encountered a BIT STRING which did not contain any data at all. This can be + used to easily crash applicatons reading untrusted ASN.1 data, but does not + seem exploitable for code execution. Found with afl. + + Fixed in 1.11.19 and 1.10.10, affected all previous versions of 1.10 and 1.11 + +* 2015-08-03 (CVE-2015-5727) + + The BER decoder would allocate a fairly arbitrary amount of memory in a length + field, even if there was no chance the read request would succeed. This might + cause the process to run out of memory or invoke the OOM killer. Found with afl. + + Fixed in 1.11.19 and 1.10.10, affected all previous versions of 1.10 and 1.11 + +2014 +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +* 2014-04-10 (CVE-2014-9742) + + A bug in the Miller-Rabin primality test resulted in only a single random base + being used instead of a sequence of such bases. This increased the probability + that a non-prime would be accepted by is_prime or that a randomly generated + prime might actually be composite. The probability of a random 1024 bit + number being incorrectly classed as prime with a single base is around 2^-40. + Reported by Jeff Marrison. + + Fixed in 1.11.9 and 1.10.8, affected all versions since 1.8.3 |