1
Candidate: CVE-2016-6878
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6878
5
https://botan.randombit.net/security.html#id2
7
The Curve25519 code in botan before 1.11.31, on systems without a native
8
128-bit integer type, might allow attackers to have unspecified impact via
9
vectors related to undefined behavior, as demonstrated on 32-bit ARM
10
systems compiled by Clang.
13
sarnold> I'm marking our packages as not-affected due to:
14
"Introduced in 1.11.12, fixed in 1.11.31"
21
upstream_botan1.10: not-affected
22
precise_botan1.10: not-affected
23
trusty_botan1.10: not-affected
24
vivid/stable-phone-overlay_botan1.10: DNE
25
vivid/ubuntu-core_botan1.10: DNE
26
xenial_botan1.10: not-affected
27
yakkety_botan1.10: not-affected
28
zesty_botan1.10: not-affected
29
devel_botan1.10: not-affected
32
upstream_botan1.8: not-affected
33
precise_botan1.8: not-affected
35
vivid/stable-phone-overlay_botan1.8: DNE
36
vivid/ubuntu-core_botan1.8: DNE