Sicherheit: Mangelnde Prüfung von Signaturen in php-phpseclib
Aktuelle Meldungen Distributionen
Name: Mangelnde Prüfung von Signaturen in php-phpseclib
ID: FEDORA-2021-26bc109028
Distribution: Fedora
Plattformen: Fedora 32
Datum: Fr, 16. April 2021, 00:11
Referenzen: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30130
Applikationen: php-phpseclib


Fedora Update Notification
2021-04-15 14:53:31.655567

Name : php-phpseclib
Product : Fedora 32
Version : 2.0.31
Release : 1.fc32
URL : https://github.com/phpseclib/phpseclib
Summary : PHP Secure Communications Library
Description :
MIT-licensed pure-PHP implementations of an arbitrary-precision integer
arithmetic library, fully PKCS#1 (v2.1) compliant RSA, DES, 3DES, RC4,
Rijndael, AES, Blowfish, Twofish, SSH-1, SSH-2, SFTP, and X.509

Update Information:

**Version 2.0.31** - 2021-04-06 - X509: always parse the first cert of a
(#1568) - SSH2: behave like putty with broken publickey auth (#1572) - SSH2:
don't close channel on unexpected response to channel request (#1631) -
support keys with PSS algorithm identifier (#1584) - RSA: cleanup RSA PKCS#1
v1.5 signature verification (CVE-2021-30130) - SFTP/Stream: make it so you can
write past the end of a file (#1618) - SFTP: fix undefined index notice in
stream touch() (#1615) - SFTP: digit only filenames were converted to integers
by php (#1623) - BigInteger: fix issue with toBits on 32-bit PHP 8 installs -
Crypt: use a custom error handler for mcrypt to avoid deprecation errors

* Tue Apr 6 2021 Remi Collet <remi@remirepo.net> - 2.0.31-1
- update to 2.0.31

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2021-26bc109028' at the command
line. For more information, refer to the dnf documentation available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Pro-Linux @Facebook
Neue Nachrichten