gluon/patches
Matthias Schiffer 2b5d4b88b4
ecdsautils: verify: fix signature verification (CVE-2022-24884)
A vulnerability was found in ecdsautils which allows forgery of ECDSA
signatures. An adversary exploiting this vulnerability can create an update
manifest accepted by the autoupdater, which can be used to distribute
malicious firmware updates by spoofing a Gluon node's connection to the
update server.
2022-05-03 07:36:23 +02:00
..
openwrt modules: update OpenWrt base 2022-04-21 17:49:58 +02:00
packages ecdsautils: verify: fix signature verification (CVE-2022-24884) 2022-05-03 07:36:23 +02:00