diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2021-04-01 09:00:18 +0200 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2021-04-01 09:00:18 +0200 |
commit | 5137b45766cb7b0a0f1e65af9cbf9d57b74a1630 (patch) | |
tree | 55a2085f2345e53fa617b8dc5f2d1da3e3f7270b | |
parent | 6ab8db4a7a8d9aae1b79ba95297e1589ebe334c8 (diff) |
Add assigned nettle CVE
-rw-r--r-- | data/CVE/2021.list | 20 |
1 files changed, 18 insertions, 2 deletions
diff --git a/data/CVE/2021.list b/data/CVE/2021.list index b2acdf21b0..206161ffa0 100644 --- a/data/CVE/2021.list +++ b/data/CVE/2021.list @@ -20673,8 +20673,24 @@ CVE-2021-20307 RESERVED CVE-2021-20306 RESERVED -CVE-2021-20305 - RESERVED +CVE-2021-20305 [Out of Bound memory access in signature verification] + RESERVED + - nettle <unfixed> + NOTE: https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009457.html + NOTE: New functions ecc_mod_mul_canonical and ecc_mod_sqr_canonical: + NOTE: https://git.lysator.liu.se/nettle/nettle/-/commit/a63893791280d441c713293491da97c79c0950fe + NOTE: Use ecc_mod_mul_canonical for point comparison: + NOTE: https://git.lysator.liu.se/nettle/nettle/-/commit/971bed6ab4b27014eb23085e8176917e1a096fd5 + NOTE: Fix bug in ecc_ecdsa_verify: + NOTE: https://git.lysator.liu.se/nettle/nettle/-/commit/74ee0e82b6891e090f20723750faeb19064e31b2 + NOTE: Ensure ecdsa_sign output is canonically reduced: + NOTE: https://git.lysator.liu.se/nettle/nettle/-/commit/51f643eee00e2caa65c8a2f5857f49acdf3ef1ce + NOTE: Analogous fix to ecc_gostdsa_verify: + NOTE: https://git.lysator.liu.se/nettle/nettle/-/commit/401c8d53d8a8cf1e79980e62bda3f946f8e07c14 + NOTE: Similar fix for eddsa: + NOTE: https://git.lysator.liu.se/nettle/nettle/-/commit/ae3801a0e5cce276c270973214385c86048d5f7b + NOTE: Fix canonical reduction in gostdsa_vko: + NOTE: https://git.lysator.liu.se/nettle/nettle/-/commit/63f222c60b03470c0005aa9bc4296fbf585f68b9 CVE-2021-20304 RESERVED CVE-2021-20303 |