14 matches found
The 2025 Go Cryptography State of the Union
This past August, I delivered my traditional Go Cryptography State of the Union talk at GopherCon US 2025 in New York. It goes into everything that happened at the intersection of Go and cryptography over the last year. You can watch the video with manually edited subtitles, for my fellow subtitl...
[SECURITY] Fedora 40 Update: golang-x-crypto-0.31.0-2.fc40
Go supplementary cryptography libraries...
[SECURITY] Fedora 41 Update: golang-x-crypto-0.31.0-2.fc41
Go supplementary cryptography libraries...
[SECURITY] Fedora 38 Update: golang-x-crypto-0.18.0-1.fc38
Go supplementary cryptography libraries...
Debian: Security Advisory (DLA-3455-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 3455-1] golang-go.crypto security update
Debian LTS Advisory DLA-3455-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany June 16, 2023 https://wiki.debian.org/LTS Package : golang-go.crypto Version : 1:0.0git20181203.505ab14-1+deb10u1 CVE ID : CVE-2019-11840 CVE-2019-11841 CVE-2020-9283 Debian Bug : 95246...
Golang/x/crypto message forgery vulnerability
A message-forgery issue was discovered in crypto/openpgp/clearsign/clearsign.go in supplementary Go cryptography libraries 2019-03-25. According to the OpenPGP Message Format specification in RFC 4880 chapter 7, a cleartext signed message can contain one or more optional "Hash" Armor Headers. The...
GHSA-R5C5-PR8J-PFP7 golang.org/x/crypto/salsa20/salsa uses insufficiently random values
An issue was discovered in supplementary Go cryptography libraries, aka golang-googlecode-go-crypto, before 2019-03-20. A flaw was found in the amd64 implementation of golang.org/x/crypto/salsa20 and golang.org/x/crypto/salsa20/salsa. If more than 256 GiB of keystream is generated, or if the...
Fedora: Security Advisory for golang-x-crypto (FEDORA-2022-d37fb34309)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2019-11840
An issue was discovered in supplementary Go cryptography libraries, aka golang-googlecode-go-crypto, before 2019-03-20. A flaw was found in the amd64 implementation of golang.org/x/crypto/salsa20 and golang.org/x/crypto/salsa20/salsa. If more than 256 GiB of keystream is generated, or if the...
Security Bulletin: Multiple Vulnerabilities in Go affects IBM Watson Studio Local
Summary Security Bulletin: Multiple Vulnerabilities in Go affects IBM Watson Studio Local Vulnerability Details CVEID: CVE-2019-11841 DESCRIPTION: A message-forgery issue was discovered in crypto/openpgp/clearsign/clearsign.go in supplementary Go cryptography libraries 2019-03-25. According to th...
CVE-2019-11841
A message-forgery issue was discovered in crypto/openpgp/clearsign/clearsign.go in supplementary Go cryptography libraries 2019-03-25. According to the OpenPGP Message Format specification in RFC 4880 chapter 7, a cleartext signed message can contain one or more optional "Hash" Armor Headers. The...
PT-2019-12524 · Go · Go Cryptography Libraries
Name of the Vulnerable Software and Affected Versions: supplementary Go cryptography libraries affected versions not specified Description: A message-forgery issue was discovered in the supplementary Go cryptography libraries. According to the OpenPGP Message Format specification in RFC 4880...
Go Cryptography Libraries Cleartext Message Spoofing
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Cleartext message spoofing product: Supplementary Go Cryptography Libraries vulnerable version: commit a5d413f7728c81fb97d96a2b722368945f651e78 branch master...