diff options
author | Lokesh Mandvekar <lsm5@fedoraproject.org> | 2022-04-12 09:29:36 -0400 |
---|---|---|
committer | Lokesh Mandvekar <lsm5@fedoraproject.org> | 2022-04-12 10:24:32 -0400 |
commit | 5e680d54e9e8b849b90047d2d87bc7664edaaa1d (patch) | |
tree | 4f9b314d7211bd04d030f6aa6563ddd8628a60b8 /vendor/golang.org/x/crypto/openpgp | |
parent | 9822c46981226c3296b5ad7833d8937cfc3ece49 (diff) | |
download | podman-5e680d54e9e8b849b90047d2d87bc7664edaaa1d.tar.gz podman-5e680d54e9e8b849b90047d2d87bc7664edaaa1d.tar.bz2 podman-5e680d54e9e8b849b90047d2d87bc7664edaaa1d.zip |
Bump golang.org/x/crypto to 7b82a4e
Resolves: GHSA-8c26-wmh5-6g9v - CVE-2022-27191
Podman doesn't seem to be directly affected as the logic in question
is not called.
golang.org/x/crypto@1baeb1ce contains the actual CVE fix. Using the
latest upstream commit to also include support for SHA-2.
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
Diffstat (limited to 'vendor/golang.org/x/crypto/openpgp')
-rw-r--r-- | vendor/golang.org/x/crypto/openpgp/armor/armor.go | 12 | ||||
-rw-r--r-- | vendor/golang.org/x/crypto/openpgp/armor/encode.go | 3 | ||||
-rw-r--r-- | vendor/golang.org/x/crypto/openpgp/elgamal/elgamal.go | 4 |
3 files changed, 11 insertions, 8 deletions
diff --git a/vendor/golang.org/x/crypto/openpgp/armor/armor.go b/vendor/golang.org/x/crypto/openpgp/armor/armor.go index ebc87876e..be342ad47 100644 --- a/vendor/golang.org/x/crypto/openpgp/armor/armor.go +++ b/vendor/golang.org/x/crypto/openpgp/armor/armor.go @@ -23,12 +23,14 @@ import ( // A Block represents an OpenPGP armored structure. // // The encoded form is: -// -----BEGIN Type----- -// Headers // -// base64-encoded Bytes -// '=' base64 encoded checksum -// -----END Type----- +// -----BEGIN Type----- +// Headers +// +// base64-encoded Bytes +// '=' base64 encoded checksum +// -----END Type----- +// // where Headers is a possibly empty sequence of Key: Value lines. // // Since the armored data can be very large, this package presents a streaming diff --git a/vendor/golang.org/x/crypto/openpgp/armor/encode.go b/vendor/golang.org/x/crypto/openpgp/armor/encode.go index 6f07582c3..5b6e16c19 100644 --- a/vendor/golang.org/x/crypto/openpgp/armor/encode.go +++ b/vendor/golang.org/x/crypto/openpgp/armor/encode.go @@ -96,7 +96,8 @@ func (l *lineBreaker) Close() (err error) { // trailer. // // It's built into a stack of io.Writers: -// encoding -> base64 encoder -> lineBreaker -> out +// +// encoding -> base64 encoder -> lineBreaker -> out type encoding struct { out io.Writer breaker *lineBreaker diff --git a/vendor/golang.org/x/crypto/openpgp/elgamal/elgamal.go b/vendor/golang.org/x/crypto/openpgp/elgamal/elgamal.go index 84396a089..743b35a12 100644 --- a/vendor/golang.org/x/crypto/openpgp/elgamal/elgamal.go +++ b/vendor/golang.org/x/crypto/openpgp/elgamal/elgamal.go @@ -77,8 +77,8 @@ func Encrypt(random io.Reader, pub *PublicKey, msg []byte) (c1, c2 *big.Int, err // returns the plaintext of the message. An error can result only if the // ciphertext is invalid. Users should keep in mind that this is a padding // oracle and thus, if exposed to an adaptive chosen ciphertext attack, can -// be used to break the cryptosystem. See ``Chosen Ciphertext Attacks -// Against Protocols Based on the RSA Encryption Standard PKCS #1'', Daniel +// be used to break the cryptosystem. See “Chosen Ciphertext Attacks +// Against Protocols Based on the RSA Encryption Standard PKCS #1”, Daniel // Bleichenbacher, Advances in Cryptology (Crypto '98), func Decrypt(priv *PrivateKey, c1, c2 *big.Int) (msg []byte, err error) { s := new(big.Int).Exp(c1, priv.X, priv.P) |