Clarification regarding CVE-2016-2178 for openssl 1.0.2 i and 1.0.2 j

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




On 25/10/16 09:01, Sanjaya Joshi wrote:
> Hello,
> 
> 1)
> In openssl1.0.2i, the release note says, there is a fix for CVE-2016-2178:
> 
> "
>   *) Constant time flag not preserved in DSA signing
> 
>      Operations in the DSA signing algorithm should run in constant time in
>      order to avoid side channel attacks. A flaw in the OpenSSL DSA
>      implementation means that a non-constant time codepath is followed for
>      certain operations. This has been demonstrated through a cache-timing
>      attack to be sufficient for an attacker to recover the private DSA key.
> 
>      This issue was reported by C?sar Pereida (Aalto University), Billy
> Brumley
>      (Tampere University of Technology), and Yuval Yarom (The University of
>      Adelaide and NICTA).
>      (CVE-2016-2178)
>      [C?sar Pereida]
> "
> 
> 2)
> And the related code diff in git
> is: https://git.openssl.org/?p=openssl.git;a=commitdiff;h=399944622df7bd81af62e67ea967c470534090e2
> 
> 3)
> But when i download the source code (1.0.2i and 1.0.2j), i cannot see
> those fixes.
> 
> Could you please clarify a bit about this. Is this intended or i just
> need to apply the patches myself ?

Well, firstly the link you give above is the master version of the fix,
not the 1.0.2 version. Secondly, in 1.0.2, there were two relevant commits:

https://github.com/openssl/openssl/commit/621eaf49a289bfac26d4cbcdb7396e796784c534

and

https://github.com/openssl/openssl/commit/b7d0f2834e139a20560d64c73e2565e93715ce2b

Matt



[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux