Fedora has issued an advisory on July 20: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QNLPSUOQTRVMV6WYZLISDVNWVFZEBQR5/ The fix is: https://github.com/randombit/botan/commit/94e9154c143aa5264da6254a6a1be5bc66ee2b5a (it is included in version 2.19.5).
Status comment: (none) => Fixed upstream in 2.19.5 and patch available from upstreamSource RPM: (none) => botan2-2.19.3-1.mga9.src.rpmCVE: (none) => CVE-2024-34703
Assigning to Stig who put 2.19.5 into Cauldron, for M9.
Assignee: bugsquad => smelror
Assigning to QA, Packages in 9/Core/Updates_testing: ====================== botan2-2.19.5-1.mga9 botan2-doc-2.19.5-1.mga9.noarch.rpm libbotan2-devel-2.19.5-1.mga9 libbotan2_19-2.19.5-1.mga9 lib64botan2-devel-2.19.5-1.mga9 lib64botan2_19-2.19.5-1.mga9 python3-botan2-2.19.5-1.mga9 From SRPMS: botan2-2.19.5-1.mga9.src.rpm
Assignee: smelror => qa-bugsCC: (none) => geiger.david68210
Keywords: (none) => advisory
RH x86_64 LC_ALL=C urpmi --auto --auto-update medium "QA Testing (64-bit)" is up-to-date medium "Core Release (distrib1)" is up-to-date medium "Core Updates (distrib3)" is up-to-date medium "Nonfree Release (distrib11)" is up-to-date medium "Nonfree Updates (distrib13)" is up-to-date medium "Tainted Release (distrib21)" is up-to-date medium "Tainted Updates (distrib23)" is up-to-date medium "Core 32bit Release (distrib31)" is up-to-date medium "Core 32bit Updates (distrib32)" is up-to-date medium "Nonfree 32bit Release (distrib36)" is up-to-date medium "Tainted 32bit Release (distrib41)" is up-to-date medium "Tainted 32bit Updates (distrib42)" is up-to-date installing lib64botan2_19-2.19.5-1.mga9.x86_64.rpm python3-botan2-2.19.5-1.mga9.x86_64.rpm botan2-2.19.5-1.mga9.x86_64.rpm from //home/katnatek/qa-testing/x86_64 Preparing... ################################################################################################## 1/3: botan2 ################################################################################################## 2/3: lib64botan2_19 ################################################################################################## 3/3: python3-botan2 ################################################################################################## 1/3: removing lib64botan2_19-2.19.3-1.mga9.x86_64 ################################################################################################## 2/3: removing python3-botan2-2.19.3-1.mga9.x86_64 ################################################################################################## 3/3: removing botan2-2.19.3-1.mga9.x86_64 ################################################################################################## Reference bug#29659 Comment#5 echo "Test File" > testbotan.txt botan base64_enc testbotn.txt > testbotancrypt.txt cat testbotancrypt.txt VGVzdCBGaWxlCg== botan base64_dec testbotancrypt.txt Test File python3 Python 3.10.11 (main, Mar 26 2024, 15:00:27) [GCC 12.3.0] on linux Type "help", "copyright", "credits" or "license" for more information. >>> import botan2 >>> tester = botan2.RandomNumberGenerator() >>> tested = tester.get(10) >>> print ("Random number is {}".format(tested)) Random number is b'\xa5.\x13*Y8\xd4\n\xabQ' >>> quit() I not install botan2-doc so not have the documentation Looks good to me
Whiteboard: (none) => MGA9-64-OKCC: (none) => andrewsfarm
Validating.
Keywords: (none) => validated_updateCC: (none) => sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2024-0297.html
Resolution: (none) => FIXEDStatus: NEW => RESOLVED