From ${URL} :

Operations in the DSA signing algorithm should run in constant time in order to avoid side channel attacks. A flaw in the OpenSSL DSA implementation means that a non-constant time codepath is followed for certain operations. This has been demonstrated through a cache-timing attack to be sufficient for an attacker to recover the private DSA key.

Upstream fix: https://git.openssl.org/?p=openssl.git;a=commit;h=399944622df7bd81af62e67ea967c470534090e2

@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
CVE-2016-2178 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2178): The dsa_sign_setup function in crypto/dsa/dsa_ossl.c in OpenSSL through 1.0.2h does not properly ensure the use of constant-time operations, which makes it easier for local users to discover a DSA private key via a timing side-channel attack.
Fixed in openssl-1.0.2h-r2 https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b4bfc10ce01e37a79da48f2f8349200c7eca78ed
(In reply to Patrick McLean from comment #2)
> Fixed in openssl-1.0.2h-r2
>
> https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b4bfc10ce01e37a79da48f2f8349200c7eca78ed
@base-system, shall we wait on stabilization or proceed?
(In reply to Aaron Bauman from comment #3) fine to stabilize
@arches, please stabilize: =dev-libs/openssl-1.0.2h-r2
amd64 stable
x86 stable
Stable for HPPA.
Stable on alpha.
Stable for PPC64.
arm stable
arm64 stable
ppc stable
sparc stable
ia64 stable. Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one.
Removing unstable arches. @maintainer(s), please proceed with cleanup.
(In reply to Aaron Bauman from comment #16) unstable arches still stabilize core packages needed to build the system
(In reply to SpanKY from comment #17)
> (In reply to Aaron Bauman from comment #16)
>
> unstable arches still stabilize core packages needed to build the system
We should consider that their stabilization efforts are done in separate bugs then. Security does not support unstable arches.
Cleanup happened via https://gitweb.gentoo.org/repo/gentoo.git/commit/dev-libs/openssl?id=33f48e56748dc9d6c40326f7654653b6dc49dab5
This issue was resolved and addressed in GLSA 201612-16 at https://security.gentoo.org/glsa/201612-16 by GLSA coordinator Aaron Bauman (b-man).