Bug#969369: buster-pu: package node-elliptic/6.4.1_dfsg-1+deb10u1

[Adam D. Barratt]

Control: tags -1 + confirmed

On Tue, 2020-09-01 at 13:30 +0200, Xavier Guimard wrote:
> node-elliptic allows ECDSA signature maleability via variations in
> encoding, leading '\0' bytes, or integer overflows (CVE-2020-13822).
> 
> [ Impact ]
> This could conceivably have a security-relevant impact if an
> application relied on a single canonical signature.
> 

Please go ahead.

Regards,

Adam