Oval Definition:	oval:com.ubuntu.artful:def:20161000345000
Revision Date: 2018-06-04 Version: 1 Title: CVE-2016-1000345 on Ubuntu 17.10 (artful) - medium. Description: In the Bouncy Castle JCE Provider version 1.55 and earlier the DHIES/ECIES CBC mode vulnerable to padding oracle attack. For BC 1.55 and older, in an environment where timings can be easily observed, it is possible with enough observations to identify when the decryption is failing due to padding. Family: unix Class: vulnerability Status: Reference(s): CVE-2016-1000345 Platform(s): Ubuntu 17.10 Product(s): Definition Synopsis Ubuntu 17.10 (artful) is installed. AND NOT While related to the CVE in some way, the 'bouncycastle' package in artful is not affected (note: '1.57-1').
BACK