packaging
/
ostree
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
ostree/src
History
Colin Walters 83e6357186 sign/ed25519: Verify signatures are minimum length 
The ed25519 signature verification code does not
check that the signature is a minimum/correct length.
As a result, if the signature is too short, libsodium will end up
reading a few bytes out of bounds.

Reported-by: Demi Marie Obenour <demi@invisiblethingslab.com>
Co-authored-by: Demi Marie Obenour <demi@invisiblethingslab.com>

Closes: https://github.com/ostreedev/ostree/security/advisories/GHSA-gqf4-p3gv-g8vw
 		2022-07-14 17:13:51 -04:00
..
boot Add an `ostree-boot-complete.service` to propagate staging failures 2022-04-26 13:02:46 -04:00
libostree sign/ed25519: Verify signatures are minimum length 2022-07-14 17:13:51 -04:00
libotutil glib: bump glib requirement to 2.66 and port to GUri 2022-03-12 04:44:18 +01:00
ostree Fix `ostree admin kargs edit-in-place` fails issue 2022-07-12 16:27:00 +08:00
rofiles-fuse rofiles-fuse: Build using FUSE 3 if possible, falling back to FUSE 2 2022-01-04 09:41:38 +00:00
switchroot Rename ostree-cmdprivate to drop out of introspection 2022-06-02 17:13:17 -04:00