There is a (minor) security issue in em-app. The encrypt_buffer and decrypt_buffer functions use the rustc_serialize::from_hex() function on a cryptographic key, but from_hex has secret dependent control flow.
This PR removes those functions and bumps the version of em-app
There is a (minor) security issue in
em-app
. Theencrypt_buffer
anddecrypt_buffer
functions use therustc_serialize::from_hex()
function on a cryptographic key, but from_hex has secret dependent control flow. This PR removes those functions and bumps the version ofem-app
Fixes #553