HomeSolus

Update openssl to 1.0.2q to address CVEs

Authored by kyrios123 on Nov 21 2018, 9:12 AM.

Description

Update openssl to 1.0.2q to address CVEs

Summary:

  • Microarchitecture timing vulnerability in ECC scalar multiplication (CVE-2018-5407)
  • Timing vulnerability in DSA signature generation (CVE-2018-0734)

Signed-off-by: Pierre-Yves <pyu@riseup.net>

Test Plan: Tested with curl

Reviewers: Triage Team, JoshStrobl

Reviewed By: Triage Team, JoshStrobl

Tags: #security

Differential Revision: https://dev.getsol.us/D4408

Details

Committed
kyrios123Nov 21 2018, 1:55 PM
Pushed
kyrios123Nov 21 2018, 1:55 PM
Reviewer
Triage Team
Differential Revision
Restricted Differential Revision
Parents
R2257:a54cda78c6e1: Update to 1.0.2p
Branches
Unknown
Tags
Unknown
References
tag: openssl-1.0.2q-34