CVE-2018-0739

Constructed ASN.1 types with a recursive definition such as can be found in PKCS7 could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so...

EulerOS 2.0 SP5 : openssl (EulerOS-SA-2019-1009)

According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - openssl: ROHNP - Key Extraction Side Channel in Multiple Crypto Libraries CVE-2018-0495 - openssl: Malicious server can send large prime to...

Amazon Linux AMI : openssl (ALAS-2018-1102)

Libgcrypt allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the gcryeccecdsasign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker...

Scientific Linux Security Update : openssl on SL7.x x86_64 (20181030)

Security Fixes : - openssl: ROHNP - Key Extraction Side Channel in Multiple Crypto Libraries CVE-2018-0495 - openssl: Malicious server can send large prime to client during DHE TLS handshake causing the client to hang CVE-2018-0732 - openssl: Handling of crafted recursive ASN.1 structures can cau...

openssl security, bug fix, and enhancement update

1.0.2k-16.0.1 - sha256 is used for the RSA pairwise consistency test instead of sha1 1.0.2k-16 - fix CVE-2018-0495 - ROHNP - Key Extraction Side Channel on DSA, ECDSA - fix incorrect error message on FIPS DSA parameter generation 1603597 1.0.2k-14 - ppc64le is not multilib architecture 1585004...