[release-branch.go1.10] all: merge release-branch.go1.10-security into release-branch.go1.10
Change-Id: Iddb571880e8b688b8de9cd013f497f6eed0c7692
diff --git a/VERSION b/VERSION
index 0e23a5c..385b67f 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-go1.10.7
\ No newline at end of file
+go1.10.8
\ No newline at end of file
diff --git a/doc/devel/release.html b/doc/devel/release.html
index 9f4500a..89991f4 100644
--- a/doc/devel/release.html
+++ b/doc/devel/release.html
@@ -87,6 +87,13 @@
Go 1.10.7 milestone</a> on our issue tracker for details.
</p>
+<p>
+go1.10.8 (released 2019/01/23) includes a security fix to the
+<code>crypto/elliptic</code> package.
+See the <a href="https://github.com/golang/go/issues?q=milestone%3AGo1.10.8+label%3ACherryPickApproved">Go
+1.10.8 milestone</a> on our issue tracker for details.
+</p>
+
<h2 id="go1.9">go1.9 (released 2017/08/24)</h2>
<p>
diff --git a/src/crypto/elliptic/elliptic.go b/src/crypto/elliptic/elliptic.go
index 35aacf2..76b78a7 100644
--- a/src/crypto/elliptic/elliptic.go
+++ b/src/crypto/elliptic/elliptic.go
@@ -210,8 +210,9 @@
x3 := new(big.Int).Mul(alpha, alpha)
beta8 := new(big.Int).Lsh(beta, 3)
+ beta8.Mod(beta8, curve.P)
x3.Sub(x3, beta8)
- for x3.Sign() == -1 {
+ if x3.Sign() == -1 {
x3.Add(x3, curve.P)
}
x3.Mod(x3, curve.P)
