Re: golang-go.crypto / CVE-2019-11841

To: Brian May <bam@debian.org>
Cc: Ola Lundqvist <ola@inguza.com>, Debian LTS <debian-lts@lists.debian.org>
Subject: Re: golang-go.crypto / CVE-2019-11841
From: Utkarsh Gupta <utkarsh@debian.org>
Date: Mon, 5 Oct 2020 03:08:14 +0530
Message-id: <[🔎] CAPP0f95wioPcjGJcdr5-asTvnF2Wfq-JC+fhL=7ORiKnr1P97A@mail.gmail.com>
In-reply-to: <[🔎] 87a6x1ism5.fsf@canidae.wired.pri>
References: <87k0xes8kr.fsf@canidae.wired.pri> <87pn75t6vb.fsf@canidae.wired.pri> <87eenju6qa.fsf@canidae.wired.pri> <877dtatsa2.fsf@canidae.wired.pri> <87r1refqqe.fsf@canidae.wired.pri> <CABY6=0nu1DP42xdGA-1whSZVY08fd0JSrarJijHAzAFMycfD7Q@mail.gmail.com> <874ko9p70k.fsf@canidae.wired.pri> <CABY6=0nbk71vcgXX3yHeKmm1kYZi=+PduFCbiyNCDx8WXDwEQA@mail.gmail.com> <871rjbq50z.fsf@canidae.wired.pri> <CABY6=0mSxsXpjhz-X+=p2wSSeXFuffVf=7X3AQ0GEyy1YRF9-A@mail.gmail.com> <87k0x2edaf.fsf@canidae.wired.pri> <CABY6=0=xDdOo1RH9iJiG=xS0T=GaQ48k+w-RSoLPSbTDcZxCUA@mail.gmail.com> <871rj6m8jr.fsf@canidae.wired.pri> <CABY6=0ku8-9tztUoYS_nU=jX_aUP_VVhyGyZefS+a3jh=tv--A@mail.gmail.com> <[🔎] 87a6x1ism5.fsf@canidae.wired.pri>

Hi Brian,

Thanks for your work!

On Mon, Oct 5, 2020 at 3:03 AM Brian May <bam@debian.org> wrote:
> I also had a look at CVE-2020-9283 (no DSA) - an invalid public key can
> cause a panic - however I feel this is not really a security issue.

But still, in case you can include a fix for this in this upload,
that'd be great!

- u

Reply to:

Follow-Ups:
- Re: golang-go.crypto / CVE-2019-11841
  - From: Brian May <bam@debian.org>

References:
- Re: golang-go.crypto / CVE-2019-11841
  - From: Brian May <bam@debian.org>

Prev by Date: Re: golang-go.crypto / CVE-2019-11841
Next by Date: Re: golang-go.crypto / CVE-2019-11841
Previous by thread: Re: golang-go.crypto / CVE-2019-11841
Next by thread: Re: golang-go.crypto / CVE-2019-11841
Index(es):
- Date
- Thread