Seafile through 6.2.11 always uses the same Initialization Vector (IV) with Cipher Block Chaining (CBC) Mode to encrypt private data, making it easier to conduct chosen-plaintext attacks or dictionary attacks References: https://drive.google.com/file/d/1rwYsnuhZZxmSR6Zs8rJlWW3R27XBOSJU/view https://github.com/haiwen/seafile/issues/350
Created seafile tracking bugs for this issue: Affects: fedora-all [bug 1679870]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.