The bug is really cool: https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4. It impacts not only crypto/tls, but also crypto/openpgp. If you are using Go to sign messages, it's time to change your RSA private keys. Someone asked me to explain the bug in layman term, and below is my take.
Exploiting the math/rsa bug in Go
Exploiting the math/rsa bug in Go
Exploiting the math/rsa bug in Go
The bug is really cool: https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4. It impacts not only crypto/tls, but also crypto/openpgp. If you are using Go to sign messages, it's time to change your RSA private keys. Someone asked me to explain the bug in layman term, and below is my take.