gluon

nils/gluon

History

Matthias Schiffer 5e6bac4e52 ecdsautils: verify: fix signature verification (CVE-2022-24884) A vulnerability was found in ecdsautils which allows forgery of ECDSA signatures. An adversary exploiting this vulnerability can create an update manifest accepted by the autoupdater, which can be used to distribute malicious firmware updates by spoofing a Gluon node's connection to the update server.	2022-05-03 20:35:16 +02:00
..
openwrt	modules: switch to OpenWrt 22.03	2022-04-30 16:35:05 +02:00
packages	ecdsautils: verify: fix signature verification (CVE-2022-24884)	2022-05-03 20:35:16 +02:00

Matthias Schiffer 5e6bac4e52

ecdsautils: verify: fix signature verification (CVE-2022-24884)

A vulnerability was found in ecdsautils which allows forgery of ECDSA
signatures. An adversary exploiting this vulnerability can create an update
manifest accepted by the autoupdater, which can be used to distribute
malicious firmware updates by spoofing a Gluon node's connection to the
update server.

2022-05-03 20:35:16 +02:00

openwrt

modules: switch to OpenWrt 22.03

2022-04-30 16:35:05 +02:00

packages

ecdsautils: verify: fix signature verification (CVE-2022-24884)

2022-05-03 20:35:16 +02:00