CVE-2019-14853

Priority
Description
An error-handling flaw was found in python-ecdsa before version 0.13.3.
During signature decoding, malformed DER signatures could raise unexpected
exceptions (or no exceptions at all), which could lead to a denial of
service.
Assigned-to
mdeslaur
Notes
Package
Upstream:released (0.13.3-1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (0.13-2ubuntu0.16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):released (0.13-2ubuntu0.18.04.1)
Ubuntu 19.04 (Disco Dingo):released (0.13-3ubuntu0.1)
Ubuntu 19.10 (Eoan Ermine):released (0.13.2-2ubuntu0.1)
Ubuntu 20.04 (Focal Fossa):not-affected (0.13.3-1)
Patches:
Upstream:https://github.com/warner/python-ecdsa/commit/b0ea52bb3aa9a16c9a4a91fdc0041edbfed10b31
Upstream:https://github.com/warner/python-ecdsa/commit/20b377491e2d759a3f47eb7aedba41292cc82238
Upstream:https://github.com/warner/python-ecdsa/commit/897178ca093282979ff19cc4035eadbc30ac0d23
Upstream:https://github.com/warner/python-ecdsa/commit/9080d1d5ac533da0de00466aaffb49bee808bb4e
Upstream:https://github.com/warner/python-ecdsa/commit/14abfe020d4907fd9849f269b98f5f8f1060366b (travis)
Upstream:https://github.com/warner/python-ecdsa/commit/563d2ee2c07e10ae4f77ccde4161d6a14c681b1b
Upstream:https://github.com/warner/python-ecdsa/commit/3427fa29f319b27898a28601955807abb44c0830
Upstream:https://github.com/warner/python-ecdsa/commit/99c907d7acc94da6685470328174ea7299863dfd
Upstream:https://github.com/warner/python-ecdsa/commit/b95be03d8540b3a088263cbb3a0a376a8a0efbd0 (travis)
Upstream:https://github.com/warner/python-ecdsa/commit/1eb2c0410b97ac5101b5db20e2924d79db3e8ec5
Upstream:https://github.com/warner/python-ecdsa/commit/5c4c74a454c852727ac3c0207a4010486dde1866 (all)
More Information

Updated: 2019-12-05 21:09:57 UTC (commit 0aa5e7c87c8b55d2ec5c7f4ca1179cf75de91961)