USN-4827-1: Crypto++ vulnerability
15 March 2021
Crypto++ could be made to expose sensitive information if it received specially crafted input.
Releases
Packages
- libcrypto++ - General purpose cryptographic library for C++
Details
It was discovered that Crypto++ mishandled certain input. An attacker could
use this vulnerability to leak potentially sensitive information.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.04
-
libcrypto++9v5
-
5.6.1-9ubuntu0.1+esm1
Available with Ubuntu Pro
Ubuntu 14.04
-
libcrypto++9
-
5.6.1-6+deb8u3ubuntu0.1~esm1
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.