git.ipfire.org Git - thirdparty/openssl.git/commit
Fix for CVE-2014-0076 backported to 0.9.8 branch
author    mancha <mancha1@hush.com>
          Thu, 27 Mar 2014 00:55:08 +0000 (00:55 +0000)
committer Dr. Stephen Henson <steve@openssl.org>
          Thu, 27 Mar 2014 00:55:08 +0000 (00:55 +0000)
commit    fff69a7d8c38b5a391e7d71b0b51999003dd1e8f
tree      39cb0a786f6c9f707562d39585b142af1364de18
parent    a375025e4dd58a05e926a5384774a85671695dd9
Fix for CVE-2014-0076 backported to 0.9.8 branch

Fix for the attack described in the paper "Recovering OpenSSL
ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack"
by Yuval Yarom and Naomi Benger. Details can be obtained from:
http://eprint.iacr.org/2014/140

Thanks to Yuval Yarom and Naomi Benger for discovering this
flaw and to Yuval Yarom for supplying a fix.

Thanks to mancha for backporting the fix to the OpenSSL 0.9.8 branch.

CHANGES
crypto/bn/bn.h
crypto/bn/bn_lib.c
crypto/ec/ec2_mult.c