17 matches found
CVE-2019-16143
An issue was discovered in the blake2 crate before 0.8.1 for Rust. The BLAKE2b and BLAKE2s algorithms, when used with HMAC, produce incorrect results because the block sizes are half of the required sizes...
EUVD-2021-1566
Malware in sbrugna...
Linux Improves Its Random Number Generator
In kernel version 5.17, both /dev/random and /dev/urandom have been replaced with a new -- identical -- algorithm based on the BLAKE2 hash function, which is an excellent security improvement...
Algorithms compute incorrect results in blake2
An issue was discovered in the blake2 crate before 0.8.1 for Rust. The BLAKE2b and BLAKE2s algorithms, when used with HMAC, produce incorrect results because the block sizes are half of the required sizes...
GHSA-4X25-PVHW-5224 Algorithms compute incorrect results in blake2
An issue was discovered in the blake2 crate before 0.8.1 for Rust. The BLAKE2b and BLAKE2s algorithms, when used with HMAC, produce incorrect results because the block sizes are half of the required sizes...
CVE-2019-16143
An issue was discovered in the blake2 crate before 0.8.1 for Rust. The BLAKE2b and BLAKE2s algorithms, when used with HMAC, produce incorrect results because the block sizes are half of the required sizes...
CVE-2019-16143
An issue was discovered in the blake2 crate before 0.8.1 for Rust. The BLAKE2b and BLAKE2s algorithms, when used with HMAC, produce incorrect results because the block sizes are half of the required sizes...
Design/Logic Flaw
An issue was discovered in the blake2 crate before 0.8.1 for Rust. The BLAKE2b and BLAKE2s algorithms, when used with HMAC, produce incorrect results because the block sizes are half of the required sizes...
CVE-2019-16143
The CVE concerns the blake2 crate for Rust, affecting versions before 0.8.1. The root cause is incorrect block sizes when BLAKE2b/BLAKE2s are used with HMAC, causing MAC results to be computed with half the required sizes. Documents consistently describe miscalculation of MAC results (MacResult) ...
CVE-2019-16143
An issue was discovered in the blake2 crate before 0.8.1 for Rust. The BLAKE2b and BLAKE2s algorithms, when used with HMAC, produce incorrect results because the block sizes are half of the required sizes...
RUSTSEC-2019-0019 HMAC-BLAKE2 algorithms compute incorrect results
When used in conjunction with the Hash-based Message Authentication Code (HMAC), the BLAKE2b and BLAKE2s implementations in blake2 crate versions prior to v0.8.1 used an incorrect block size (32-bytes instead of 64-bytes for BLAKE2s, and 64-bytes instead of 128-bytes for BLAKE2b), causing them to...
HMAC-BLAKE2 algorithms compute incorrect results
When used in conjunction with the Hash-based Message Authentication Code (HMAC), the BLAKE2b and BLAKE2s implementations in blake2 crate versions prior to v0.8.1 used an incorrect block size (32-bytes instead of 64-bytes for BLAKE2s, and 64-bytes instead of 128-bytes for BLAKE2b), causing them to...
[SECURITY] Fedora 29 Update: python-pycryptodomex-3.6.6-1.fc29
PyCryptodome is a self-contained Python package of low-level cryptographic primitives. It's a fork of PyCrypto. It brings several enhancements with respect to the last official version of PyCrypto 2.6.1, for instance: Authenticated encryption modes (GCM, CCM, EAX, SIV, OCB); Accelerated AES on Intel...
[SECURITY] Fedora 28 Update: python-pycryptodomex-3.6.6-1.fc28
PyCryptodome is a self-contained Python package of low-level cryptographic primitives. It's a fork of PyCrypto. It brings several enhancements with respect to the last official version of PyCrypto 2.6.1, for instance: Authenticated encryption modes (GCM, CCM, EAX, SIV, OCB); Accelerated AES on Intel...
Fedora 20 : csync2-1.34-15.fc20 / duplicity-0.6.25-3.fc20 / librsync-1.0.0-1.fc20 / etc (2015-3366)
Changes in librsync 1.0.0 (2015-01-23): SECURITY: CVE-2014-8242: librsync previously used a truncated MD4 'strong' check sum to match blocks. However, MD4 is not cryptographically strong. It's possible that an attacker who can control the contents of one part...
librsync: checksum collision
librsync previously used a truncated MD4 "strong" check sum to match blocks. However, MD4 is not cryptographically strong. It's possible that an attacker who can control the contents of one part of a file could use it to control other regions of the file, if it's transferred using librsync/rdiff...
Fedora 22 : csync2-1.34-15.fc22 / duplicity-0.6.25-3.fc22 / librsync-1.0.0-1.fc22 / etc (2015-2923)
Changes in librsync 1.0.0 (2015-01-23): SECURITY: CVE-2014-8242: librsync previously used a truncated MD4 'strong' check sum to match blocks. However, MD4 is not cryptographically strong. It's possible that an attacker who can control the contents of one part...