Name of the Vulnerable Software and Affected Versions olm-sys (affected versions not specified) olm-rs (affected versions not specified)

Description The Matrix Foundation has officially deprecated the libolm library due to several publicly disclosed cryptographic vulnerabilities. As a result, olm-sys, a thin wrapper around libolm, is also deprecated and potentially vulnerable. Users are encouraged to switch to vodozemac, the successor effort to libolm, written in Rust.

Recommendations For olm-sys, consider switching to vodozemac as soon as possible. For olm-rs, consider switching to vodozemac as soon as possible. At the moment, there is no information about a newer version that contains a fix for this vulnerability.