Summary: | <dev-libs/openssl-1.0.2: ECDSA P-256 timing attack key recovery (CVE-2016-7056) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Thomas Deutschmann (RETIRED) <whissi> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | base-system |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B4 [noglsa] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | |||
Bug Blocks: | 605414 |
Description
Thomas Deutschmann (RETIRED)
2017-01-11 21:55:48 UTC
Fixed by: https://git.openssl.org/?p=openssl.git;a=commit;h=8aed2a7548362e88e84a7feb795a3a97e8395008 $ git tag --contains 8aed2a7548362e88e84a7feb795a3a97e8395008 | sort -u OpenSSL_1_0_2 OpenSSL_1_0_2a OpenSSL_1_0_2b OpenSSL_1_0_2-beta3 OpenSSL_1_0_2c OpenSSL_1_0_2d OpenSSL_1_0_2e OpenSSL_1_0_2f OpenSSL_1_0_2g OpenSSL_1_0_2h OpenSSL_1_0_2i OpenSSL_1_0_2j Version in repository: 1.0.2j Repository is clean, nothing left to do. |