mirrored from https://www.bouncycastle.org/repositories/bc-csharp
-
Notifications
You must be signed in to change notification settings - Fork 549
CVE‐2024‐30172
David Hook edited this page May 11, 2024
·
1 revision
Issue affecting: BC Java 1.77 and earlier. BC C# .NET 2.3.0 and earlier.
Fixed versions: BC Java 1.78. BC C# .NET 2.3.1
Platform affected: All JVMs. All CLRs.
Crafted signature and public key can be used to trigger an infinite loop in the Ed25519 verification code.
Fix Commit:
Java https://github.com/bcgit/bc-java/commit/ebe1c75579170072dc59b8dee2b55ce31663178f
C# .NET https://github.com/bcgit/bc-csharp/commit/1e96ddd13bf69786c1b8a0a2f826059c26047a41