On 25/10/16 09:01, Sanjaya Joshi wrote:
> Hello,
>
> 1)
> In openssl1.0.2i, the release note says, there is a fix for CVE-2016-2178:
>
> "
> *) Constant time flag not preserved in DSA signing
>
> Operations in the DSA signing algorithm should run in constant time in
> order to avoid side channel attacks. A flaw in the OpenSSL DSA
> implementation means that a non-constant time codepath is followed for
> certain operations. This has been demonstrated through a cache-timing
> attack to be sufficient for an attacker to recover the private DSA key.
>
> This issue was reported by César Pereida (Aalto University), Billy Brumley
> (Tampere University of Technology), and Yuval Yarom (The University of
> Adelaide and NICTA).
> (CVE-2016-2178)
> [César Pereida]
> "
>
> 2)
> And the related code diff in git
> is: https://git.openssl.org/?p=openssl.git;a=commitdiff;h=399944622df7bd81af62e67ea967c470534090e2
>
> 3)
> But when I download the source code (1.0.2i and 1.0.2j), I cannot see
> those fixes.
>
> Could you please clarify a bit about this. Is this intended or I just
> need to apply the patches myself?

Well, firstly the link you give above is the master version of the fix,
not the 1.0.2 version. Secondly, in 1.0.2, there were two relevant commits:

https://github.com/openssl/openssl/commit/621eaf49a289bfac26d4cbcdb7396e796784c534

and

https://github.com/openssl/openssl/commit/b7d0f2834e139a20560d64c73e2565e93715ce2b

Matt
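
Added example, not part of the original thread and not OpenSSL tooling: a shell check for whether given commits are contained in a release tag, showing why a fix's master commit id is absent from a stable release that carries the backport under a different id. The function names and the throwaway demo repository (tags `master-fix`, `backport-fix`, `release-tag`) are constructed for illustration; `OpenSSL_1_0_2i` in the usage comment is assumed to be the project's tag name for 1.0.2i.

```shell
#!/bin/sh
# fix_in_release REPO TAG COMMIT...
# Prints "present"/"MISSING" per commit; returns 0 only if every commit
# is an ancestor of TAG. Unknown commit ids are reported as MISSING.
fix_in_release() {
    repo=$1; tag=$2; shift 2
    missing=0
    for c in "$@"; do
        if git -C "$repo" merge-base --is-ancestor "$c" "$tag" 2>/dev/null; then
            echo "present  $c"
        else
            echo "MISSING  $c"
            missing=1
        fi
    done
    return "$missing"
}

# Constructed demo: a fix lands on master, then is cherry-picked to a
# stable branch that is tagged as a release. The backport has a new id.
make_demo_repo() {
    d=$(mktemp -d) || return 1
    (
        cd "$d" &&
        export GIT_AUTHOR_NAME=demo GIT_AUTHOR_EMAIL=demo@example.invalid &&
        export GIT_COMMITTER_NAME=demo GIT_COMMITTER_EMAIL=demo@example.invalid &&
        git init -q . &&
        git symbolic-ref HEAD refs/heads/master &&
        echo base > dsa.c && git add dsa.c && git commit -q -m "base" &&
        git branch stable &&
        echo other > other.c && git add other.c && git commit -q -m "master-only work" &&
        echo fixed > dsa.c && git commit -q -a -m "fix" &&
        git tag master-fix &&
        git checkout -q stable &&
        git cherry-pick master-fix &&
        git tag backport-fix && git tag release-tag
    ) >/dev/null 2>&1 || return 1
    echo "$d"
}

# Against a real clone (path is a placeholder), with the ids from the reply:
# fix_in_release /path/to/openssl OpenSSL_1_0_2i \
#     621eaf49a289bfac26d4cbcdb7396e796784c534 \
#     b7d0f2834e139a20560d64c73e2565e93715ce2b
```

In the demo repository, the id behind `master-fix` is reported as MISSING from `release-tag` while the id behind `backport-fix` is present, even though both commits make the same change.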