OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-02-13 21:18:11 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
36b8de692c82dda2aefc11faa6d301963bf20ffe
advisory-db/crates/blake2/RUSTSEC-2019-0019.toml
Tony Arcieri 01ac6725d5 Fix all advisories to pass linter 
Mostly related to the `affected_functions` field, which has changed a
few times.
2019-09-09 12:19:01 -07:00

21 lines
782 B
TOML
Raw Blame History

[advisory]
id = "RUSTSEC-2019-0019"
package = "blake2"
date = "2019-08-25"
title = "HMAC-BLAKE2 algorithms compute incorrect results"
description = """
When used in conjunction with the Hash-based Message Authentication Code (HMAC),
the BLAKE2b and BLAKE2s implementations in `blake2` crate versions prior to
v0.8.1 used an incorrect block size (32-bytes instead of 64-bytes for BLAKE2s,
and 64-bytes instead of 128-bytes for BLAKE2b), causing them to miscompute the
`MacResult`.
The v0.8.1 release of the `blake2` crate uses the correct block sizes.
Note that this advisory only impacts usage of BLAKE2 with HMAC, and does not
impact `Digest` functionality.
"""
patched_versions = [">= 0.8.1"]
url = "https://github.com/RustCrypto/MACs/issues/19"
categories = ["crypto-failure"]
Reference in New Issue View Git Blame Copy Permalink