Re: [Openvpn-devel] Remote memory corruption

2017-09-21 Thread Gert Doering
Hi,

On Tue, Aug 15, 2017 at 10:10:32AM +0200, Steffan Karger wrote:
[..]
> To all: following <54fc26bb.2000...@karger.me> and commit 1ce06386, I
> think it really is time to remove key method 1 from the master branch.
>
> Attached a proposed patch to fix this issue in release/2.4 and master.
>
>

Re: [Openvpn-devel] Remote memory corruption

2017-09-21 Thread Steffan Karger
Hi,

On 14-08-17 22:59, Guido Vranken wrote:
> this concerns key_method 1. I know it's deprecated, but reporting it
> just in case people still use it..
>
> So key_method_1_read() calls read_key() which doesn't perform adequate
> bounds checks. cipher_length and hmac_length are specified by the
>

Re: [Openvpn-devel] Remote memory corruption

2017-09-21 Thread Steffan Karger
On 15-08-17 10:10, Steffan Karger wrote:
> On 14-08-17 22:59, Guido Vranken wrote:
>> this concerns key_method 1. I know it's deprecated, but reporting it
>> just in case people still use it..
>>
>> So key_method_1_read() calls read_key() which doesn't perform adequate
>> bounds checks. cipher_leng