bug-guix
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#31831: CVE-2018-0495 Key Extraction Side Channel in Multiple Crypto

From: Leo Famulari
Subject: bug#31831: CVE-2018-0495 Key Extraction Side Channel in Multiple Crypto Libraries
Date: Thu, 14 Jun 2018 16:06:08 -0400
User-agent: Mutt/1.10.0 (2018-05-17) 
> 2018-06-14 21:50 GMT+02:00 Leo Famulari <address@hidden>:
> > I'll try OpenSSL next.

They committed a fix but haven't released an update yet:

https://github.com/openssl/openssl/commit/a3e9d5aa980f238805970f420adf5e903d35bf09

There is also an unrelated security advisory for a DoS bug from 2 days
ago:

https://www.openssl.org/news/secadv/20180612.txt

I'll try grafting these patches.

Attachment: signature.asc
Description: PGP signature

reply via email to
[Prev in Thread] Current Thread [Next in Thread]