Yes, I think this should better get into the -security pocket, since this bug may allow someone to perform Invalid Curve Attacks.
I think I'll also update the information type to public security. ** Information type changed from Public to Public Security -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1928780 Title: [UBUNTU 21.04] openCryptoki: Soft token does not check if an EC key is valid To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1928780/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
