Ola Lundqvist writes:
> This is what I think we should do.
>
> 1) Send a new DLA telling that the fix is only partial and not complete and
> in addtion that elgamal encryption is not supported by the library and
> should not be used.
>
> 2) Mark the CVE as no-dsa/ignored in the security database.
I think this sounds like a good plan.
Sent from a phone
Den fre 6 apr 2018 11:06Brian May skrev:
> Ola Lundqvist writes:
>
> > This is what I think we should do.
> >
> > 1) Send a new DLA telling that the fix is only partial and not complete
> and
> > in addtion that elgamal encryption is not