From ea305294ad74a9e77eed017aaa29b3ffd79e6e7f Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Wed, 3 Mar 2021 21:29:55 +0100 Subject: CVE-2020-28498/node-elliptic fixed in unstable --- data/CVE/2020.list | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/data/CVE/2020.list b/data/CVE/2020.list index 9fff9c90ac..39df7d1a57 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list @@ -5452,7 +5452,7 @@ CVE-2020-28500 (All versions of package lodash; all versions of package org.fuji CVE-2020-28499 (All versions of package merge are vulnerable to Prototype Pollution vi ...) NOTE: Only bogus references listed, unclear what this is about CVE-2020-28498 (The package elliptic before 6.5.4 are vulnerable to Cryptographic Issu ...) - - node-elliptic + - node-elliptic 6.5.4~dfsg-1 NOTE: https://github.com/indutny/elliptic/commit/441b7428b0e8f6636c42118ad2aaa186d3c34c3f NOTE: https://github.com/christianlundkvist/blog/blob/master/2020_05_26_secp256k1_twist_attacks/secp256k1_twist_attacks.md CVE-2020-28497 -- cgit v1.2.3