testing openssl for Jessie LTS
Hi everybody,
I uploaded version 1.0.1t-1+deb8u10 of openssl to:
https://people.debian.org/~alteholz/packages/jessie-lts/openssl/
Please give it a try and tell me about any problems you met.
Thanks!
Thorsten
* CVE-2018-0735
Samuel Weiser reported a timing vulnerability in the OpenSSL ECDSA
signature generation, which might leak information to recover the
private key.
* CVE-2018-5407
Alejandro Cabrera Aldaya, Billy Brumley, Sohaib ul Hassan, Cesar
Pereida Garcia and Nicola Tuveri reported a vulnerability to a
timing side channel attack, which might be used to recover the
private key.
Reply to: