git.ipfire.org Git - people/pmueller/ipfire-2.x.git/commit

author	Michael Tremer <michael.tremer@ipfire.org>
	Wed, 21 Nov 2018 11:21:42 +0000 (11:21 +0000)
committer	Michael Tremer <michael.tremer@ipfire.org>
	Wed, 21 Nov 2018 11:21:42 +0000 (11:21 +0000)
commit	928b3cbf66a249236ffa672f66edaf402a54289f
tree	b6d73fea90d85e74cd5140c92fc92a649355b30f	tree \| snapshot
parent	5ca47910a7b5b7fd19422ed6311a391d68c56e95	commit \| diff

openssl: Update to 1.1.0j

  *) Timing vulnerability in DSA signature generation

     The OpenSSL DSA signature algorithm has been shown to be vulnerable to a
     timing side channel attack. An attacker could use variations in the signing
     algorithm to recover the private key.

     This issue was reported to OpenSSL on 16th October 2018 by Samuel Weiser.
     (CVE-2018-0734)
     [Paul Dale]

  *) Timing vulnerability in ECDSA signature generation

     The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a
     timing side channel attack. An attacker could use variations in the signing
     algorithm to recover the private key.

     This issue was reported to OpenSSL on 25th October 2018 by Samuel Weiser.
     (CVE-2018-0735)
     [Paul Dale]

  *) Add coordinate blinding for EC_POINT and implement projective
     coordinate blinding for generic prime curves as a countermeasure to
     chosen point SCA attacks.
     [Sohaib ul Hassan, Nicola Tuveri, Billy Bob Brumley]

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

config/rootfiles/common/openssl		diff \| blob \| blame \| history
lfs/openssl		diff \| blob \| blame \| history