Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

ASA-202101-27 - log back

ASA-202101-27 edited at 28 Jan 2021 22:01:10

Impact

	The handling of P-224 ECDSA keys could produce incorrect outputs, leading to potentially incorrect results of encryption, decryption, or signature verification operations.

	Downloading a maliciously crafted binary package using "go get" can execute arbitrary code if the user's $PATH explicitly contains the current directory.

ASA-202101-27 edited at 22 Jan 2021 19:53:07

Impact

+	The handling of P-224 ECDSA keys could produce incorrect outputs, leading to potentially incorrect results of encryption, decryption, or signature verification operations.
+
+	Downloading a maliciously crafted binary package using "go get" can execute arbitrary code if the user's $PATH explicitly contains the current directory.

ASA-202101-27 created at 20 Jan 2021 22:11:47