6eb0720e50
A vulnerability was found in ecdsautils which allows forgery of ECDSA signatures. An adversary exploiting this vulnerability can create an update manifest accepted by the autoupdater, which can be used to distribute malicious firmware updates by spoofing a Gluon node's connection to the update server. |
||
|---|---|---|
| .. | ||
| 0001-perl-fix-build-failure-in-GCC10.patch | ||
| 0002-ecdsautils-verify-fix-signature-verification-CVE-2022-24884.patch | ||