Re: golang-go.crypto / CVE-2019-11841
- To: Brian May <bam@debian.org>
- Cc: Ola Lundqvist <ola@inguza.com>, Debian LTS <debian-lts@lists.debian.org>
- Subject: Re: golang-go.crypto / CVE-2019-11841
- From: Utkarsh Gupta <utkarsh@debian.org>
- Date: Mon, 5 Oct 2020 03:08:14 +0530
- Message-id: <[🔎] CAPP0f95wioPcjGJcdr5-asTvnF2Wfq-JC+fhL=7ORiKnr1P97A@mail.gmail.com>
- In-reply-to: <[🔎] 87a6x1ism5.fsf@canidae.wired.pri>
- References: <87k0xes8kr.fsf@canidae.wired.pri> <87pn75t6vb.fsf@canidae.wired.pri> <87eenju6qa.fsf@canidae.wired.pri> <877dtatsa2.fsf@canidae.wired.pri> <87r1refqqe.fsf@canidae.wired.pri> <CABY6=0nu1DP42xdGA-1whSZVY08fd0JSrarJijHAzAFMycfD7Q@mail.gmail.com> <874ko9p70k.fsf@canidae.wired.pri> <CABY6=0nbk71vcgXX3yHeKmm1kYZi=+PduFCbiyNCDx8WXDwEQA@mail.gmail.com> <871rjbq50z.fsf@canidae.wired.pri> <CABY6=0mSxsXpjhz-X+=p2wSSeXFuffVf=7X3AQ0GEyy1YRF9-A@mail.gmail.com> <87k0x2edaf.fsf@canidae.wired.pri> <CABY6=0=xDdOo1RH9iJiG=xS0T=GaQ48k+w-RSoLPSbTDcZxCUA@mail.gmail.com> <871rj6m8jr.fsf@canidae.wired.pri> <CABY6=0ku8-9tztUoYS_nU=jX_aUP_VVhyGyZefS+a3jh=tv--A@mail.gmail.com> <[🔎] 87a6x1ism5.fsf@canidae.wired.pri>
Hi Brian,
Thanks for your work!
On Mon, Oct 5, 2020 at 3:03 AM Brian May <bam@debian.org> wrote:
> I also had a look at CVE-2020-9283 (no DSA) - an invalid public key can
> cause a panic - however I feel this is not really a security issue.
But still, in case you can include a fix for this in this upload,
that'd be great!
- u
Reply to: