Summary: | <dev-libs/openssl-1.0.2q: side-channel vulnerability (CVE-2018-5407) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | D'juan McDonald (domhnall) <flopwiki> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | base-system, viklevin2 |
Priority: | Normal | Flags: | stable-bot:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://www.openssl.org/news/secadv/20181112.txt | ||
Whiteboard: | A4 [glsa+ cve] | ||
Package list: |
dev-libs/openssl-1.0.2q
|
Runtime testing required: | --- |
Description
D'juan McDonald (domhnall)
2018-12-13 05:38:48 UTC
since the advisory does not mention that, ftr, it is fixed in 1.0.2q hppa stable amd64 stable sparc stable alpha stable x86 stable ia64 stable ppc64 stable ppc stable arm64 stable The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=604a6136f50362e5bcfabf4187ea945e2fdb43f3 commit 604a6136f50362e5bcfabf4187ea945e2fdb43f3 Author: Thomas Deutschmann <whissi@gentoo.org> AuthorDate: 2019-01-07 18:44:35 +0000 Commit: Thomas Deutschmann <whissi@gentoo.org> CommitDate: 2019-01-07 18:44:35 +0000 dev-libs/openssl: security cleanup Bug: https://bugs.gentoo.org/673056 Package-Manager: Portage-2.3.54, Repoman-2.3.12 Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> dev-libs/openssl/Manifest | 5 - dev-libs/openssl/openssl-1.0.2p-r1.ebuild | 306 ------------------------------ 2 files changed, 311 deletions(-) New GLSA request filed. This issue was resolved and addressed in GLSA 201903-10 at https://security.gentoo.org/glsa/201903-10 by GLSA coordinator Aaron Bauman (b-man). |