NES For Elliptic Release Notes
Comprehensive release notes and changelog for NES For Elliptic, including security patches, bug fixes, and feature updates across all supported versions.
1 Patched Vulnerability
VEX Statements
6.6.3 (NES)
Important
Due to the specifics of an issue fixed in this version, users are strongly advised to invalidate any keys they have used to generate signatures with a previous version of this package. Failing to do so can result in their keys being exposed, if a bad actor can get their hands on a faulty signature generated with a previous version of the package and the correct signature for the same input.
Notes
- Full Version:
6.6.1-elliptic-6.6.3
Bug Fixes
- ec: correctly handle computation of
k(step 3.2 of RFC 6979) with leading zeros- This fixes a medium-severity Cryptanalysis vulnerability (CVE-2025-14505).
6.6.2 (NES) - June 25, 2025
Notes
- This release contains no functional change from the OSS elliptic v6.6.1.
- This release mainlines OSS v6.6.1 into NES v6.6.2.
- Full Version:
6.6.1-elliptic-6.6.2