OESA-2024-2385 openssl security update

OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security TLS and Secure Sockets Layer SSL protocols. Security Fixes: Issue summary: Use of the low-level GF2^m elliptic curve APIs with untrusted explicit values for the field polynomial can lead to...

OESA-2024-2384 openssl security update

OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security TLS and Secure Sockets Layer SSL protocols. Security Fixes: Issue summary: Use of the low-level GF2^m elliptic curve APIs with untrusted explicit values for the field polynomial can lead to...

OpenSSL: ECDSA Private Key Leak (CVE-2011-1945) - Windows

OpenSSL leaks ECDSA private key through a remote timing attack. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free softwar...

OpenSSL: ECDSA Private Key Leak (CVE-2011-1945) - Linux

OpenSSL leaks ECDSA private key through a remote timing attack. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free softwar...

openSUSE Security Update : openssl-1_1 (openSUSE-2019-1147)

This update for openssl-11 OpenSSL Security Advisory 6 March 2019 fixes the following issues : Security issue fixed: - CVE-2019-1543: Fixed an implementation error in ChaCha20-Poly1305 where it was allowed to set IV with more than 12 bytes bsc1128189. Other issues addressed : - Fixed a segfault i...

OPENSUSE-SU-2019:1147-1 Security update for openssl-1_1

This update for openssl-11 OpenSSL Security Advisory 6 March 2019 fixes the following issues: Security issue fixed: - CVE-2019-1543: Fixed an implementation error in ChaCha20-Poly1305 where it was allowed to set IV with more than 12 bytes bsc1128189. Other issues addressed: - Fixed a segfault in...

SUSE SLED15 / SLES15 Security Update : openssl-1_1 (SUSE-SU-2019:0678-1)

This update for openssl-11 OpenSSL Security Advisory 6 March 2019 fixes the following issues : Security issue fixed : CVE-2019-1543: Fixed an implementation error in ChaCha20-Poly1305 where it was allowed to set IV with more than 12 bytes bsc1128189. Other issues addressed: Fixed a segfault in...

SUSE-SU-2019:0678-1 Security update for openssl-1_1

This update for openssl-11 OpenSSL Security Advisory 6 March 2019 fixes the following issues: Security issue fixed: - CVE-2019-1543: Fixed an implementation error in ChaCha20-Poly1305 where it was allowed to set IV with more than 12 bytes bsc1128189. Other issues addressed: - Fixed a segfault in...

OpenSSL leaks ECDSA private key through a remote timing attack

Overview The OpenSSL ladder implementation for scalar multiplication of points on elliptic curves over binary fields is susceptible to a timing attack vulnerability. This vulnerability can be used to steal the private key of a TLS server that authenticates with ECDSA signatures and binary curves...