Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Sat, 16 Jun 2018 12:42:37 +0200
From: Marcus Brinkmann <marcus.brinkmann@...r-uni-bochum.de>
To: oss-security@...ts.openwall.com
Subject: Re: CVE-2018-12356 Breaking signature verification in
 pass (Simple Password Store)

Hi,

On 06/15/2018 07:28 PM, Jakub Wilk wrote:
> Thanks for doing this. I didn't mean to imply that you were not diligent> enough.

I didn't take it that way!

>> You reporting these?
> 
> I was hoping somebody else would take care of this.

Hehe, everybody does. Luckily, we found some hackers in Mauritius taking
care of it!

First results:

bitcoin:
https://github.com/bitcoin/bitcoin/commit/9e2e5626dabb7208dafedcc9904940b666be1c3b

litecoin: https://github.com/litecoin-project/litecoin/pull/503

Thx,
Marcus

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ