{"affected":[{"ecosystem_specific":{"binaries":[{"libmbedcrypto3":"2.16.9-bp152.2.6.1","libmbedcrypto3-64bit":"2.16.9-bp152.2.6.1","libmbedtls12":"2.16.9-bp152.2.6.1","libmbedtls12-64bit":"2.16.9-bp152.2.6.1","libmbedx509-0":"2.16.9-bp152.2.6.1","libmbedx509-0-64bit":"2.16.9-bp152.2.6.1","mbedtls-devel":"2.16.9-bp152.2.6.1"}]},"package":{"ecosystem":"SUSE:Package Hub 15 SP2","name":"mbedtls","purl":"pkg:rpm/suse/mbedtls&distro=SUSE%20Package%20Hub%2015%20SP2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.16.9-bp152.2.6.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for mbedtls fixes the following issues:\n\n* CVE-2021-24119: Fixed side-channel vulnerability in base64 PEM [boo#1189589]\n\n  Guard against strong local side channel attack against base64 tables by making access aceess to them use constant flow code.\n\nThis update was imported from the openSUSE:Leap:15.2:Update update project.","id":"openSUSE-SU-2021:1355-1","modified":"2021-10-15T04:06:21Z","published":"2021-10-15T04:06:21Z","references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/C77WUNAX6B5WKSXJWBNNJZZKI6OORZNP/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1189589"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-24119"}],"related":["CVE-2021-24119"],"summary":"Security update for mbedtls","upstream":["CVE-2021-24119"]}