User: Password:
Subscribe / Log in / New account

xtrabackup: poor encryption

Package(s):xtrabackup CVE #(s):CVE-2013-6394
Created:December 13, 2013 Updated:February 18, 2014

From the Novell bugzilla entry:

A fixed initialization vector (constant string) was used while encrypting the data. This opened the encrypted stream/data to plaintext attacks among others.

openSUSE openSUSE-SU-2013:1864-1 xtrabackup 2013-12-12
openSUSE openSUSE-SU-2014:0245-1 xtrabackup 2014-02-18

(Log in to post comments)

Copyright © 2018, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds