Upstream information
Description
In the CryptX module before 0.062 for Perl, gcm_decrypt_verify() and chacha20poly1305_decrypt_verify() do not verify the tag.SUSE information
Overall state of this security issue: Resolved
This issue is currently rated as having critical severity.
SUSE Bugzilla entry: 1221528 [RESOLVED / FIXED]SUSE Security Advisories:
- openSUSE-SU-2024:0112-1, published Sat Apr 20 18:52:09 2024
List of released packages
Product(s) | Fixed package version(s) | References |
---|---|---|
SUSE Package Hub 15 SP5 |
| Patchnames: openSUSE-2024-112 |
openSUSE Leap 15.5 |
| Patchnames: openSUSE-2024-112 |
openSUSE Tumbleweed |
| Patchnames: openSUSE-Tumbleweed-2024-13866 |
SUSE Timeline for this CVE
CVE page created: Mon Mar 18 07:00:16 2024CVE page last modified: Fri Nov 29 13:32:25 2024