Bug#701817: unblock: botan1.10/1.10.5-1

To: Debian Bug Tracking System <701817@bugs.debian.org>
Subject: Bug#701817: unblock: botan1.10/1.10.5-1
From: Ondřej Surý <ondrej@debian.org>
Date: Mon, 04 Mar 2013 09:48:17 +0100
Message-id: <[🔎] 20130304084817.27142.43642.reportbug@localhost6.localdomain6>
Reply-to: OndÅ™ej SurÃ½ <ondrej@debian.org>, 701817@bugs.debian.org

Package: release.debian.org
Followup-For: Bug #701817
User: release.debian.org@packages.debian.org
Usertags: unblock

And the patches...

-- System Information:
Debian Release: 7.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

#
#
# patch "src/pubkey/dh/dh.cpp"
#  from [87394105b44ac22e9f8727335586b5ae9c95acbb]
#    to [fd216f648a465f32e2626653acd54b4a36e27d97]
#
============================================================
--- src/pubkey/dh/dh.cpp	87394105b44ac22e9f8727335586b5ae9c95acbb
+++ src/pubkey/dh/dh.cpp	fd216f648a465f32e2626653acd54b4a36e27d97
@@ -87,6 +87,9 @@ SecureVector<byte> DH_KA_Operation::agre
    {
    BigInt input = BigInt::decode(w, w_len);
 
+   if(input <= 1 || input >= p - 1)
+      throw Invalid_Argument("DH agreement - invalid key provided");
+
    BigInt r = blinder.unblind(powermod_x_p(blinder.blind(input)));
 
    return BigInt::encode_1363(r, p.bytes());

Reply to:

Prev by Date: Processed: retitle 701817 to unblock: botan1.10/1.10.5-1
Next by Date: Bug#701817: unblock: botan1.10/1.10.5-1
Previous by thread: Processed: retitle 701817 to unblock: botan1.10/1.10.5-1
Next by thread: Bug#701817: unblock: botan1.10/1.10.5-1
Index(es):
- Date
- Thread