What Are You Looking For?

Sign Up
--------------------------------------------------------------------------------Fedora Update Notification
FEDORA-2022-111177a5ac
2022-05-14 01:48:30.603225
--------------------------------------------------------------------------------Name        : ecdsautils
Product     : Fedora 36
Version     : 0.4.1
Release     : 1.fc36
URL         : https://github.com/freifunk-gluon/ecdsautils
Summary     : Tiny collection of programs used for ECDSA (keygen, sign, verify)
Description :
This collection of ECDSA utilities can be used to sign and verify data in a
simple manner.

--------------------------------------------------------------------------------Update Information:

Fixes CVE-2022-24884 (Improper Verification of ECDSA Signatures). In previous
versions ecdsautils would erroneously accept all-zero signatures as valid.  More
information can be found here: https://github.com/freifunk-gluon/ecdsautils/security/advisories/GHSA-qhcg-9ffp-78pw
--------------------------------------------------------------------------------ChangeLog:

* Thu May  5 2022 Felix Kaechele  - 0.4.1-1
- update to 0.4.1
- use new upstream URLs
- drop patch now upstreamed
- added libs and devel subpackages
--------------------------------------------------------------------------------References:

  [ 1 ] Bug #2082427 - CVE-2022-24884 ecdsautils: Improper Verification of ECDSA Signatures [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2082427
--------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-111177a5ac' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure

Fedora 36: ecdsautils 2022-111177a5ac

May 13, 2022
Fixes CVE-2022-24884 (Improper Verification of ECDSA Signatures)

Summary

This collection of ECDSA utilities can be used to sign and verify data in a

simple manner.

Fixes CVE-2022-24884 (Improper Verification of ECDSA Signatures). In previous

versions ecdsautils would erroneously accept all-zero signatures as valid. More

information can be found here: https://github.com/freifunk-gluon/ecdsautils/security/advisories/GHSA-qhcg-9ffp-78pw

* Thu May 5 2022 Felix Kaechele - 0.4.1-1

- update to 0.4.1

- use new upstream URLs

- drop patch now upstreamed

- added libs and devel subpackages

[ 1 ] Bug #2082427 - CVE-2022-24884 ecdsautils: Improper Verification of ECDSA Signatures [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=2082427

su -c 'dnf upgrade --advisory FEDORA-2022-111177a5ac' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/keys

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org

Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure

FEDORA-2022-111177a5ac 2022-05-14 01:48:30.603225 Product : Fedora 36 Version : 0.4.1 Release : 1.fc36 URL : https://github.com/freifunk-gluon/ecdsautils Summary : Tiny collection of programs used for ECDSA (keygen, sign, verify) Description : This collection of ECDSA utilities can be used to sign and verify data in a simple manner. Fixes CVE-2022-24884 (Improper Verification of ECDSA Signatures). In previous versions ecdsautils would erroneously accept all-zero signatures as valid. More information can be found here: https://github.com/freifunk-gluon/ecdsautils/security/advisories/GHSA-qhcg-9ffp-78pw * Thu May 5 2022 Felix Kaechele - 0.4.1-1 - update to 0.4.1 - use new upstream URLs - drop patch now upstreamed - added libs and devel subpackages [ 1 ] Bug #2082427 - CVE-2022-24884 ecdsautils: Improper Verification of ECDSA Signatures [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2082427 su -c 'dnf upgrade --advisory FEDORA-2022-111177a5ac' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure

Change Log

References

Update Instructions

Severity
Product : Fedora 36
Version : 0.4.1
Release : 1.fc36
URL : https://github.com/freifunk-gluon/ecdsautils
Summary : Tiny collection of programs used for ECDSA (keygen, sign, verify)

Related News

Nitrux 3.2.0 Linux Distro Released with Enhanced Security and New Features

Nov 28, 2023

Chinese Hackers Use DNS-over-HTTPS for Linux Malware Communication

Jun 15, 2023

Parrot OS 5.2 Tightens Security, Better TOR Bridges Support

Feb 20, 2023

Tails 5.9 Fixes Numerous Bugs and Enhances Security Measures

Jan 30, 2023

News

Advisories

HOWTOs

Features

Unlocking the Future of Authentication: Passkeys vs. Passwords
Empowering MSPs with Straightforward Linux Device Management
A Complete Guide to Torrenting Safely in 2024
Cloud Security Basics for Small Businesses
Scanning and Defending Networks with Nmap

About Us

Powered By

Footer Logo