[CVE-2022-28327] A crafted scalar input longer than 32 bytes can cause P256().ScalarMult or P256().ScalarBaseMult to panic. Indirect uses through crypto/ecdsa and crypto/tls are unaffected. amd64, arm64, ppc64le, and s390x are unaffected. URLs: https://github.com/golang/go/issues/52075 https://groups.google.com/g/golang-announce/c/oecdBNLOml8 [CVE-2022-24675] A large (more than 5 MB) PEM input can cause a stack overflow in Decode, leading the program to crash. URLs: https://github.com/golang/go/issues/51853 https://groups.google.com/g/golang-announce/c/oecdBNLOml8 Fixed versions are already in the tree. We probably only need to cleanup the version 1.17.8.
*** This bug has been marked as a duplicate of bug 838130 ***