Bug 1219614

Summary: VUL-0: liboqs: non-constant-time behavior in Kyber
Product: [Novell Products] SUSE Security Incidents Reporter: Marcus Meissner <meissner>
Component: IncidentsAssignee: Marcus Meissner <meissner>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P3 - Medium CC: meissner, thomas.leroy
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
Whiteboard:
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Marcus Meissner 2024-02-06 10:04:31 UTC 
Fixed potential non-constant-time behaviour in Kyber based on https://github.com/pq-crystals/kyber/commit/272125f6acc8e8b6850fd68ceb901a660ff48196
Comment 2 OBSbugzilla Bot 2024-02-06 11:35:02 UTC 
This is an autogenerated message for OBS integration:
This bug (1219614) was mentioned in
https://build.opensuse.org/request/show/1144526 Factory / liboqs
Comment 3 Thomas Leroy 2024-02-07 08:22:23 UTC 
SUSE:ALP:Source:Standard:1.0 should also be affected.
Comment 4 Marcus Meissner 2024-02-27 16:35:11 UTC 
i submitted also for alp