Package: rust-sequoia-openpgp Version: 1.1.0-3 Severity: important Tags: security
https://gitlab.com/sequoia-pgp/sequoia/-/commit/b59886e5e7bdf7169ed330f309a6633d131776e5 which was first released with rust-sequoia-openpgp 2.1.0 describes (and then fixes) the following problem: openpgp: Fix an underflow in aes_key_unwrap. The `aes_key_unwrap` function would panic if passed a ciphertext that was too short. In a debug build, it would panic due to a subtraction underflow. In a release build, it would use the small negative quantity to allocate a vector. Since the allocator expects an unsigned quantity, the negative value would be interpreted as a huge allocation. The allocator would then fail to allocate the memory and panic. An attacker could trigger this panic by sending a victim an encrypted message whose PKESK or SKESK packet has been specially modified. When the victim decrypts the message, the program would crash. Reported-by: Jan Różański. -- cheers, Holger ⢀⣴⠾⠻⢶⣦⠀ ⣾⠁⢠⠒⠀⣿⡁ holger@(debian|reproducible-builds|layer-acht).org ⢿⡄⠘⠷⠚⠋⠀ OpenPGP: B8BF54137B09D35CF026FE9D 091AB856069AAA1C ⠈⠳⣄ Ich glaube die Letzte Generation ist die erste kriminelle Vereinigung in der Geschichte, deren einziges Ziel es ist, dass sich die Regierung an die Verfassung und ihre eigenen Gesetze hält. (@muellermusik)
signature.asc
Description: PGP signature
