Bugzilla – Bug 968028
VUL-0: CVE-2015-7825: Botan: Infinite loop during certificate path validation
Last modified: 2016-04-07 12:55:23 UTC
http://botan.randombit.net/security.html 2015-10-26 (CVE-2015-7825): Infinite loop during certificate path validation When evaluating a certificate path, if a loop in the certificate chain was encountered (for instance where C1 certifies C2, which certifies C1) an infinite loop would occur eventually resulting in memory exhaustion. Found in a review by Sirrix AG and 3curity GmbH. Introduced in 1.11.6, fixed in 1.11.22 References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7825 http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-7825.html
bugbot adjusting priority
Introduced in 1.11.6, not affecting us