Buffer overrun in GMP 5.0.3
Torbjorn Granlund
tg at gmplib.org
Tue Jan 31 10:31:41 CET 2012
We have a buffer overrun in GMP 5.0.3, furthermore the functions
affected are mpz_powm_sec and mpn_powm_sec, i.e. GMP's modexp functions
specifically recommended for cryptographic applications.
Extra safe turned extra unsafe with this release.
We will make a new release before the end of this week.
Only GMP 5.0.3 is affected; earlier GMP releases did not have this bug.
We apologise for the problems this creates.
--
Torbjörn
More information about the gmp-announce
mailing list