OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-01-20 02:21:00 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #195 from RustSec/RUSTSEC-2019-0027

Browse Source 
Assign RUSTSEC-2019-0027 to libsecp256k1
This commit is contained in:
Tony Arcieri
2019-10-14 09:00:23 -07:00
committed by GitHub
parent 2ea335249f 783394f059
commit d53649551b
1 changed files with 4 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
crates/libsecp256k1/RUSTSEC-0000-0000.toml → crates/libsecp256k1/RUSTSEC-2019-0027.toml
View File

@@ -1,5 +1,5 @@
[advisory]
id = "RUSTSEC-0000-0000"
id = "RUSTSEC-2019-0027"
package = "libsecp256k1"
date = "2019-10-14"
title = "Flaw in Scalar::check_overflow allows side-channel timing attack"
@@ -15,4 +15,6 @@ constant time.
patched_versions = [">= 0.3.1"]
categories = ["crypto-failure"]
keywords = ["crypto", "sidechannel"]
functions = { "libsecp256k1::Scalar::check_overflow" = ["< 0.3.1"] }
[affected.functions]
"libsecp256k1::Scalar::check_overflow" = ["< 0.3.1"]