gluon

nils/gluon

History

Matthias Schiffer 5e6bac4e52 ecdsautils: verify: fix signature verification (CVE-2022-24884) A vulnerability was found in ecdsautils which allows forgery of ECDSA signatures. An adversary exploiting this vulnerability can create an update manifest accepted by the autoupdater, which can be used to distribute malicious firmware updates by spoofing a Gluon node's connection to the update server.	2022-05-03 20:35:16 +02:00
..
packages	ecdsautils: verify: fix signature verification (CVE-2022-24884)	2022-05-03 20:35:16 +02:00
routing	modules: switch to OpenWrt 21.02	2021-06-21 16:28:15 +02:00

Matthias Schiffer 5e6bac4e52

ecdsautils: verify: fix signature verification (CVE-2022-24884)

A vulnerability was found in ecdsautils which allows forgery of ECDSA
signatures. An adversary exploiting this vulnerability can create an update
manifest accepted by the autoupdater, which can be used to distribute
malicious firmware updates by spoofing a Gluon node's connection to the
update server.

2022-05-03 20:35:16 +02:00

packages

ecdsautils: verify: fix signature verification (CVE-2022-24884)

2022-05-03 20:35:16 +02:00

routing

modules: switch to OpenWrt 21.02

2021-06-21 16:28:15 +02:00