This bug was fixed in the package opencryptoki - 3.15.1+dfsg-0ubuntu1.2
---------------
opencryptoki (3.15.1+dfsg-0ubuntu1.2) hirsute-security; urgency=medium
* SECURITY UPDATE: Invalid curve attacks
- d/p/lp1928780-Add-missing-return-codes.patch: Partial cherry-pick of
master as a prerequisite for the following fix.
- d/p/lp1928780-SOFT-Check-the-EC-Key-on-C_CreateObject-and-C_Derive.patch:
Cherry-picked to add checks preventing Invalid Curve attacks (LP:
#1928780)
-- Simon Chopin <[email protected]> Thu, 29 Jul 2021 10:22:13
+0200
** Changed in: opencryptoki (Ubuntu Hirsute)
Status: Incomplete => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1928780
Title:
[UBUNTU 21.04] openCryptoki: Soft token does not check if an EC key is
valid
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-z-systems/+bug/1928780/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
