github/golang.go
2
0
Fork 0
mirror of https://github.com/golang/go.git synced 2026-04-04 02:10:08 +09:00
Code Issues Packages Projects Releases Wiki Activity
Files
930ce220d052d632f0d84df5850c812a77b70175
golang.go/src/crypto
History
Neal Patel 930ce220d0 [release-branch.go1.25] crypto/x509: mitigate DoS vector when intermediate certificate contains DSA public key 
An attacker could craft an intermediate X.509 certificate
containing a DSA public key and can crash a remote host
with an unauthenticated call to any endpoint that
verifies the certificate chain.

Thank you to Jakub Ciolek for reporting this issue.

Fixes CVE-2025-58188
For #75675
Fixes #75703

Change-Id: I2ecbb87b9b8268dbc55c8795891e596ab60f0088
Reviewed-on: https://go-internal-review.googlesource.com/c/go/+/2780
Reviewed-by: Damien Neil <dneil@google.com>
Reviewed-by: Roland Shoemaker <bracewell@google.com>
Reviewed-on: https://go-internal-review.googlesource.com/c/go/+/2963
Commit-Queue: Roland Shoemaker <bracewell@google.com>
Reviewed-on: https://go-review.googlesource.com/c/go/+/709845
TryBot-Bypass: Michael Pratt <mpratt@google.com>
Reviewed-by: Carlos Amedee <carlos@golang.org>
Auto-Submit: Michael Pratt <mpratt@google.com>
2025-10-07 11:02:06 -07:00
..
aes
crypto: test for unexpected concrete methods in interface value returns
2025-03-06 08:06:34 -08:00
boring
cipher
crypto/cipher: Fix comment punctuation
2025-07-10 09:27:20 -07:00
des
dsa
ecdh
crypto/internal/fips140/nistec: make SetBytes constant time
2025-02-21 10:31:33 -08:00
ecdsa
crypto/ecdsa: fix crypto/x509 godoc links
2025-07-01 09:11:14 -07:00
ed25519
crypto/ecdsa,crypto/ed25519: cache FIPS private keys
2025-05-20 16:33:12 -07:00
elliptic
crypto/elliptic: drop hidden Inverse and CombinedMult methods
2025-03-04 12:43:35 -08:00
fips140
internal/godebug,crypto/fips140: make fips140 setting immutable
2025-05-21 12:21:44 -07:00
hkdf
hmac
crypto/hmac: wrap ErrUnsupported returned by Clone
2025-06-30 09:31:32 -07:00
internal
[release-branch.go1.25] lib/fips140: re-seal v1.0.0
2025-09-26 10:44:50 -07:00
md5
crypto,hash: add and implement hash.Cloner
2025-05-21 16:39:55 -07:00
mlkem
pbkdf2
crypto/pbkdf2: fix code example for Key
2025-03-10 08:11:48 -07:00
rand
crypto/rand: add and update examples
2025-04-16 16:10:00 -07:00
rc4
rsa
crypto/rsa: drop contradictory promise to keep PublicKey modulus secret
2025-07-11 12:29:02 -07:00
sha1
crypto,hash: add and implement hash.Cloner
2025-05-21 16:39:55 -07:00
sha3
crypto,hash: add and implement hash.Cloner
2025-05-21 16:39:55 -07:00
sha256
crypto,hash: add and implement hash.Cloner
2025-05-21 16:39:55 -07:00
sha512
crypto,hash: add and implement hash.Cloner
2025-05-21 16:39:55 -07:00
subtle
tls
[release-branch.go1.25] crypto/tls: quote protocols in ALPN error message
2025-10-01 11:37:43 -07:00
x509
[release-branch.go1.25] crypto/x509: mitigate DoS vector when intermediate certificate contains DSA public key
2025-10-07 11:02:06 -07:00
crypto_test.go
crypto: add a test for disallowed instructions
2025-05-21 15:01:46 -07:00
crypto.go
crypto,crypto/x509: implement MessageSigner
2025-05-08 07:46:12 -07:00
issue21104_test.go
purego_test.go