[Bug 1097779] VUL-0: CVE-2018-12434: LibreSSL before 2.6.5 and 2.7.x before 2.7.4 allows a memory-cache side-channelattack on DSA and ECDSA signatures, aka the Return Of the Hidden Number Problemor ROHNP. To discover a key, the attacker needs access to

3 Sep 2018


      http://bugzilla.suse.com/show_bug.cgi?id=1097779
http://bugzilla.suse.com/show_bug.cgi?id=1097779#c3

--- Comment #3 from Swamp Workflow Management  ---
openSUSE-SU-2018:2597-1: An update that solves two vulnerabilities and has one
errata is now available.

Category: security (moderate)
Bug References: 1065363,1086778,1097779
CVE References: CVE-2018-12434,CVE-2018-8970
Sources used:
openSUSE Leap 42.3 (src):    libressl-2.8.0-11.1

-- 
You are receiving this mail because:
You are on the CC list for the bug.

bugzilla_noreply＠novell.com

tags

participants (1)