Changes between 1.0.2p and 1.0.2q [xx XXX xxxx]
- *)
+ *) Microarchitecture timing vulnerability in ECC scalar multiplication
+
+ OpenSSL ECC scalar multiplication, used in e.g. ECDSA and ECDH, has been
+ shown to be vulnerable to a microarchitecture timing side channel attack.
+ An attacker with sufficient access to mount local timing attacks during
+ ECDSA signature generation could recover the private key.
+
+ This issue was reported to OpenSSL on 26th October 2018 by Alejandro
+ Cabrera Aldaya, Billy Brumley, Sohaib ul Hassan, Cesar Pereida Garcia and
+ Nicola Tuveri.
+ (CVE-2018-5407)
+ [Billy Brumley]
+
+ *) Timing vulnerability in DSA signature generation
+
+ The OpenSSL DSA signature algorithm has been shown to be vulnerable to a
+ timing side channel attack. An attacker could use variations in the signing
+ algorithm to recover the private key.
+
+ This issue was reported to OpenSSL on 16th October 2018 by Samuel Weiser.
+ (CVE-2018-0734)
+ [Paul Dale]
+
+ *) Resolve a compatibility issue in EC_GROUP handling with the FIPS Object
+ Module, accidentally introduced while backporting security fixes from the
+ development branch and hindering the use of ECC in FIPS mode.
+ [Nicola Tuveri]
Changes between 1.0.2o and 1.0.2p [14 Aug 2018]
projects / openssl.git / blobdiff