- Reported
-
- Issued
-
- Package
-
olm-sys
(crates.io)
- Type
-
Vulnerability
- Categories
-
- Aliases
-
- References
-
- Related
-
- Patched
-
no patched versions
Description
After several cryptographic vulnerabilities in libolm were disclosed publicly, the Matrix Foundation has officially deprecated the library. olm-sys is a thin wrapper around libolm and is now deprecated and potentially vulnerable in kind.
Users of olm-sys and its higher-level abstraction, olm-rs, are highly encouraged to switch to vodozemac as soon as possible. It is the successor effort to libolm and is written in Rust.
Advisory available under CC0-1.0
license.