USN-6489-1: Tang vulnerability
20 November 2023
Tang could allow unintended access to secret keys.
- tang - network-based cryptographic binding server
Brian McDermott discovered that Tang incorrectly handled permissions when
creating/rotating keys. A local attacker could possibly use this issue to
read the keys.
The problem can be corrected by updating your system to the following package versions:
In general, a standard system update will make all the necessary changes.