OpenWrt/LEDE Project

  • Status Unconfirmed
  • Percent Complete
    0%
  • Task Type Bug Report
  • Category Base system
  • Assigned To No-one
  • Operating System All
  • Severity Critical
  • Priority Very Low
  • Reported Version All
  • Due in Version Undecided
  • Due Date Undecided
  • Private
Attached to Project: OpenWrt/LEDE Project
Opened by Solmaz Salimi - 21.01.2019

FS#2073 - Sha1 in firmware-utils/src/sha1.c has TLS or DTLS Vulnerability

Hi,
The sha1 file in openwrt/tools/firmware-utils/src/sha1.c is not fixed and is vulnerable to remote code execution or DoS. The CVE (CVE-2018-0487) and fixed in multiple other repos including ubuntu. (https://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-0487.html)

Loading...

Available keyboard shortcuts

Tasklist

Task Details

Task Editing