Red Hat Bugzilla – Bug 1311618
CVE-2015-7825 botan: infinite loop during certificate path validation
Last modified: 2016-04-29 14:34:05 EDT
When evaluating a certificate path, if a loop in the certificate chain was encountered (for instance where C1 certifies C2, which certifies C1) an infinite loop would occur eventually resulting in memory exhaustion.
CVE-2015-7825 only affects 1.11.X for 6<=X<22.
In Fedora/EPEL, we have 1.8.X and 1.10.X (i.e. stable) versions.