Package: percona-xtrabackup Severity: serious Tags: security fixed-upstream
Hi, Upstream discovered and fixed use of a static IV in encrypting backups: "A fixed initialization vector (constant string) was used while encrypting the data. This opened the encrypted stream/data to plaintext attacks among others. Bug fixed #1185343." http://www.percona.com/doc/percona-xtrabackup/2.1/release-notes/2.1/2.1.6.html https://bugs.launchpad.net/percona-xtrabackup/+bug/1185343 Fixed in upstream 2.1.6. Can you please ensure that this gets into Debian? Cheers, Thijs -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org