OPENSUSE-SU-2019:2472-1 Security update for python-ecdsa

This update for python-ecdsa to version 0.13.3 fixes the following issues: Security issues fixed: - CVE-2019-14853: Fixed unexpected exceptions during signature decoding bsc1153165. - CVE-2019-14859: Fixed a signature malleability caused by insufficient checks of DER encoding bsc1154217. This...

SUSE-SU-2019:2891-1 Security update for python-ecdsa

This update for python-ecdsa to version 0.13.3 fixes the following issues: Security issues fixed: - CVE-2019-14853: Fixed unexpected exceptions during signature decoding bsc1153165. - CVE-2019-14859: Fixed a signature malleability caused by insufficient checks of DER encoding bsc1154217...

Debian: Security Advisory (DLA-1978-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 1978-1] python-ecdsa security update

Package : python-ecdsa Version : 0.11-1+deb8u1 CVE ID : CVE-2019-14853 CVE-2019-14859 It was discovered that python-ecdsa, a cryptographic signature library for Python, did not correctly verify DER encoded signatures. Malformed signatures could lead to unexpected exceptions and in some cases did...

DLA-1978-1 python-ecdsa - security update

Bulletin has no description...

Fedora 31 : python-ecdsa (2019-55e04129ac)

Update to 0.13.3 - CVE-2019-14853 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Networ...

Fedora Update for python-ecdsa FEDORA-2019-5297458c78

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora Update for python-ecdsa FEDORA-2019-8fcf21a816

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora 30 : python-ecdsa (2019-5297458c78)

Update to 0.13.3 - CVE-2019-14853 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Networ...

Fedora 29 : python-ecdsa (2019-8fcf21a816)

Update to 0.13.3 - CVE-2019-14853 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Networ...

Denial Of Service (DoS)

python-ecdsa is vulnerable to denial of service. The package raises unexpected exceptions when a DER signature is malformed, allowing a remote attacker to crash the application by submitting malicious DER signature...

CVE-2019-14853

An error-handling flaw was found in python-ecdsa before version 0.13.3. During signature decoding, malformed DER signatures could raise unexpected exceptions or no exceptions at all, which could lead to a denial of service...

UBUNTU-CVE-2019-14853

An error-handling flaw was found in python-ecdsa before version 0.13.3. During signature decoding, malformed DER signatures could raise unexpected exceptions or no exceptions at all, which could lead to a denial of service...

UBUNTU-CVE-2019-14859

A flaw was found in all python-ecdsa versions before 0.13.3, where it did not correctly verify whether signatures used DER encoding. Without this verification, a malformed signature could be accepted, making the signature malleable. Without proper verification, an attacker could use a malleable...

CVE-2019-14859

A flaw was found in all python-ecdsa versions before 0.13.3, where it did not correctly verify whether signatures used DER encoding. Without this verification, a malformed signature could be accepted, making the signature malleable. Without proper verification, an attacker could use a malleable...

CVE-2019-14859

A flaw was found in python-ecdsa, where it did not correctly verify whether signatures used DER encoding. Without this verification, a malformed signature could be accepted, making the signature malleable. Without proper verification, an attacker could use a malleable signature to create false...

GHSA-PWFW-MGFJ-7G3G ecdsa Denial of Service vulnerability in signature verification and signature malleability

possible DoS in signature verification and signature malleability Impact Code using VerifyingKey.verify and VerifyingKey.verifydigest may receive exceptions other than the documented BadSignatureError when signatures are malformed. If those other exceptions are not caught, they may lead to progra...