#1140301 bookworm-pu: package python-ecdsa/0.18.0-3+deb12u1

#1140301#5
Date:
2026-06-17 20:43:17 UTC
From:
To:
[ Reason ]
Fix CVE-2026-33936 by backporting the upstream fix.

[ Impact ]
Malformed DER-encoded private keys can trigger unexpected exceptions,
leading to a denial of service.

[ Tests ]
The package was built successfully and the test suite passes
with the included fixes.

[ Risks ]
Low. The update consists of upstream patches for CVE-2026-33936.

[ Checklist ]
  [x] *all* changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in (old)stable
  [x] the issue is verified as fixed in unstable

[ Changes ]
Import and Backport patch.

[ Other info ]
The upload will be sponsored by @josue.

#1140301#12
Date:
2026-06-30 05:48:08 UTC
From:
To:
Control: tags -1 + confirmed

Please go ahead.

Regards,

Adam