[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#47222: Serious bug in Nettle's ecdsa_verify
From: |
Léo Le Bouter |
Subject: |
bug#47222: Serious bug in Nettle's ecdsa_verify |
Date: |
Tue, 06 Apr 2021 13:09:57 +0200 |
User-agent: |
Evolution 3.34.2 |
I am no expert cryptographer, it is likely that if I try backporting
such patches I will get something wrong that introduces more flaws.
https://security-tracker.debian.org/tracker/CVE-2021-20305 - no patch
backported yet
https://packages.ubuntu.com/source/focal/nettle - no patch backported
either
It would be best if Nettle adopted a forever (or almost) backwards
compatible ABI from now on like curl (https://curl.se/libcurl/abi.html)
so that such things don't happen again.
Thank you,
Léo
signature.asc
Description: This is a digitally signed message part
- bug#47222: Serious bug in Nettle's ecdsa_verify,
Léo Le Bouter <=