ni...@lysator.liu.se (Niels Möller) writes: > I've prepared a new bug-fix release of Nettle, a low-level > cryptographics library, to fix bugs in the RSA decryption functions. The > bugs cause crashes on certain invalid inputs, which could be used > for denial of service attacks on applications using these functions.
I forgot to reference the CVE id allocated for this problem: CVE-2021-3580 (at the moment still in the "reserved" state). Thanks to Simo Sorce and Redhat for that registration. Regards, /Niels -- Niels Möller. PGP-encrypted email is preferred. Keyid 368C6677. Internet email is subject to wholesale government surveillance. _______________________________________________ nettle-bugs mailing list nettle-bugs@lists.lysator.liu.se http://lists.lysator.liu.se/mailman/listinfo/nettle-bugs
