A flaw was found in the documentation of cryptopp. The documentation lacked that users must define -DNDEBUG when using alternate build systems, like Autotools or CMake. This led to a sensitive information leak to third parties. References: http://seclists.org/oss-sec/2016/q3/519 Upstream bug: https://github.com/weidai11/cryptopp/issues/277
Created cryptopp tracking bugs for this issue: Affects: fedora-all [bug 1376697] Affects: epel-all [bug 1376698]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.