-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : python-ecdsa Version : 0.11-1+deb8u1 CVE ID : CVE-2019-14853 CVE-2019-14859
It was discovered that python-ecdsa, a cryptographic signature library for Python, did not correctly verify DER encoded signatures. Malformed signatures could lead to unexpected exceptions and in some cases did not raise any exception. For Debian 8 "Jessie", these problems have been fixed in version 0.11-1+deb8u1. We recommend that you upgrade your python-ecdsa packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAl25yt5fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7 UeRabQ//fruNHEk3owXUlCWrv1F9jsCknzhOXu4y0rSzz6VnPFctLWp920ykuhUB UduwGAlkWTSG/4xe5KZyWNvxBFW1+YARe8P+Ed92zAanXUnijxic0v4mbtbAVZG+ LWyVC96f3YxAS/+a1Xfy7kJekRIQyL288V3uCp34QEgMNVJjFK1AUkJXn4ld2Uy2 iVLaur4ZUH0Ghakv9cuHJWaIK4M0HKyHgoJAE8QFbbzvbTgqvtrP3N8qP+RaWZNM hBGslCn09g6/2iYbxC4d4o7Av7LvyUVAm/4v/JgfM4DcBBuR4eOd8U6QLp3hqqJ3 A/oYhE0aitlsNIe8b6fcEe/vWFlXaAzxphGGUdPnuqnh/H31zO8gg0M1h5tZ9JrH uTIe1JIgWsJRnuoe7V9tIBMWGpdmQbQYMjRiuefpqKk76MP4qUbILiLh/O0iCxi6 grFFA2b0CFZpDjUrfUeX4jr2qkHHVO6tCqqMYHmAERXcsbSR95w0ykS8dXYQn0uI hOtMngNAKx7gLbkFIvh5utWjqLcDtzRJr8mAyAPMJG1sv0hxNaYXiHu53XhYhM7G /g1JGkJuq8aqN2PZeIj00TVikNBVs9ywlW4QW8L5KcuPfT95xAESq6xeGh59zrPJ wL8OeJDuNpkeiWBg9aVsJjkZKwUyggD3IQjiV7NYi1mtSTchyxM= =FQQ2 -----END PGP SIGNATURE-----
