Re: golang-go.crypto / CVE-2019-11841
On 06/10/2020 23:42, Brian May wrote:
Utkarsh Gupta <email@example.com> writes:
Ah, great. It'd nice to include this then! :)
Done. See attached patch. I had to apply it manually, because patch was
misapplying one of the hunks in the wrong place. There were several
hunks that apply to SKEd25519 public key stuff I skipped also because
this version does not have SKEd25519 public key stuff.
I note that some of the ssh tests are skipped because sshd is not
installed. So I added "openssh-server" to the build depends, and found
that one of the tests hangs. Even if I revert my changes.
The tests related to these change appear to pass, even without
openssh-server installed, so I think this is good to go.
Have you checked if any rdeps need to be rebuilt?