openSUSE has issued an advisory today (November 23): https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/BTCNO3M6FEDJQGUUPVOQE3OWQZIUMQ3A/ The issue is fixed upstream in 2.19.3.
Status comment: (none) => Fixed upstream in 2.19.3
Yet another which falls in your court, Stig (although not officially your package). You have already put version 2.19.3 in Cauldron (and earlier updates).
Assignee: bugsquad => smelror
Advisory ======== This update for Botan fixes CVE-2022-43705. CVE-2022-43705: Fixed validation of embedded certificates was when checking OCSP responses References ========== https://www.suse.com/security/cve/CVE-2022-43705.html Files ===== Uploaded to core/updates_testing python3-botan2-2.17.3-2.2.mga8 botan2-2.17.3-2.2.mga8 lib64botan2-devel-2.17.3-2.2.mga8 lib64botan2_17-2.17.3-2.2.mga8 botan2-doc-2.17.3-2.2.mga8 from botan2-2.17.3-2.2.mga8.src.rpm
Assignee: smelror => qa-bugs
CC: (none) => smelrorStatus comment: Fixed upstream in 2.19.3 => (none)
MGA8-64 MATE on Acer Aspire 5253 No installation issues ref bug 29659 Comment 5 for testing $ botan --help Usage: botan <cmd> <cmd-options> All commands support --verbose --help --output= --error-output= --rng-type= --drbg-seed= Available commands: Encoders/Decoders: asn1print Decode and print file with ASN.1 Basic Encoding Rules (BER) base32_dec Decode Base32 encoded file etc..... $ echo "Test File" > testbotan.txt [tester8@mach7 Documents]$ botan base64_enc testbotan.txt > testbotancrypt.txt [tester8@mach7 Documents]$ cat testbotancrypt.txt VGVzdCBGaWxlCg== $ botan base64_dec testbotancrypt.txt Test File [tester8@mach7 Documents]$ python3 Python 3.8.14 (default, Oct 4 2022, 06:27:18) [GCC 10.4.0] on linux Type "help", "copyright", "credits" or "license" for more information. >>> import botan2 >>> tester = botan2.RandomNumberGenerator() >>> tested = tester.get(10) >>> print ("Random number is {}".format(tested)) Random number is b'\xc0\x1aX:\xd3\x8cE`=\x16' >>> quit() $ lynx /usr/share/doc/botan-2.17.3/handbook/index.html I can navigate the pages Looks OK for me.
CC: (none) => herman.viaeneWhiteboard: (none) => MGA8-64-OK
Validating. Advisory in comment 2.
Keywords: (none) => validated_updateCC: (none) => andrewsfarm, sysadmin-bugs
Keywords: (none) => advisoryCC: (none) => davidwhodgins
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2022-0445.html
Status: NEW => RESOLVEDResolution: (none) => FIXED