Debian 10225 Published by

A phpseclib security update has been released for Debian GNU/Linux 9 Extended LTS to address an issue with RSA PKCS#1 v1.5 signature verification.



ELA-903-1 phpseclib security update

Package : phpseclib
Version : 1.0.19-1~deb9u1 (stretch)

Related CVEs :
CVE-2021-30130

The PHP Secure Communications Library is a fully PKCS#1 (v2.1) compliant RSA, DES, 3DES, RC4, Rijndael, AES, Blowfish, Twofish, SSH-1, SSH-2, SFTP, and X.509 implementation. This library mishandled RSA PKCS#1 v1.5 signature verification.

ELA-903-1 phpseclib security update