oss-sec mailing list archives
Re: CVE request for math/big.Exp
From: Jason Buberel <jbuberel () google com>
Date: Tue, 22 Dec 2015 21:24:18 +0000
The Go team plans to release Go 1.5.3 on Wednesday, January 13th to address this issue. On Tue, Dec 22, 2015 at 12:36 PM <cve-assign () mitre org> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256The problem that was identified is similar to CVE-2015-3193math/big: fix carry propagation in Int.Exp Montgomery code src/math/big/nat.goUse CVE-2015-8618. - -- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJWebPbAAoJEL54rhJi8gl5LMsP/20/WzubhID16KKW84qnlMAo F6w3/kPkfTTBr+42W3bNZYSCY0ieVwQsvTN6uz8GrMxJ6H/Vko3H17ltXZAx0nxP Vc53H2QbAiyCaaUA6+vqAeosjBbBhvXNkw7Dj9utDu1hJ2rbBtf5ujddF48CxjoJ +Fsrr7TYHX3Su/4r7MNtBtcMjOeWfD3xB+h++Lp5CL/z4tRKXBS02OM+tlVvdGvq llQQ8dwGIYaJv8v3ZIIdXk1dzurws2B6gvF6uDeaseXtbFpMbRpXxgeFddLowjtZ th9I7oxQUvFASrraIQrobaKPpEOfDJrMjhVzFHPtEFtTvrR71qYqq58NXaoflGV1 gEtSptbjm5sAwsjxOWhOVO+wA9JHA8upV2ZVxczdeFGlvyko2KBWdMorjEIWLQGI x2DbkL2+hXlCJfZZUfNy0BjyGpZPGlmT7ZAYguxz6VTT/EC67gJ6pkiv5mZKOeBY PHtH7UaYVBYwh6h5opdmvhkhTJ/a9lXhIez5s5HhX01P31DHmx6RLUMeTBikjwmz IFOEulqQhAH0Qtp2XvPAMKeICXpEv7iWmoP8yNAYQ0SzS4awc7ZjK1mcRka1hcY5 Bc5nbQvbZGPag0QeyYPdKyYuNqugj6d3J81kIlcpNfjCT1lSVhxxwjQQzlpi0FCR YJqwm2p3NhpjW57fGRux =HP2t -----END PGP SIGNATURE-----
Current thread:
- CVE request for math/big.Exp Jason Buberel (Dec 21)
- Re: CVE request for math/big.Exp Florian Weimer (Dec 21)
- Re: CVE request for math/big.Exp cve-assign (Dec 22)
- Re: CVE request for math/big.Exp Jason Buberel (Dec 22)
- Re: Re: CVE request for math/big.Exp Jessie Frazelle (Dec 22)
- Re: CVE request for math/big.Exp Jason Buberel (Dec 22)