Due to https://security-tracker.debian.org/tracker/CVE-2016-9939 version 5.6.4 is also vuln (see https://software.opensuse.org/package/libcryptopp).