Sha1 in firmware-utils/src/sha1.c has TLS or DTLS Vulnerability
Username: Solmaz Salimi
Origin: https://bugs.openwrt.org/index.php?do=details&task_id=2073
Hi,
The sha1 file in openwrt/tools/firmware-utils/src/sha1.c is not fixed and is vulnerable to remote code execution or DoS. The CVE (CVE-2018-0487) and fixed in multiple other repos including ubuntu. (
https://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-0487.html
)