The branch master has been updated via 28c43932d579cd6ba18ec411bb828a2512c3419e (commit) from a7fc7eb4f8d9d6b21c3376d6e815d0735909bd7b (commit)
- Log ----------------------------------------------------------------- commit 28c43932d579cd6ba18ec411bb828a2512c3419e Author: Matt Caswell <m...@openssl.org> Date: Mon Nov 12 15:02:14 2018 +0000 Updates for CVE-2018-5407 Reviewed-by: Richard Levitte <levi...@openssl.org> (Merged from https://github.com/openssl/web/pull/93) ----------------------------------------------------------------------- Summary of changes: news/secadv/20181112.txt | 41 +++++++++++++++++++++++++++++++++++++++++ news/vulnerabilities.xml | 48 +++++++++++++++++++++++++++++++++++++++++++++++- 2 files changed, 88 insertions(+), 1 deletion(-) create mode 100644 news/secadv/20181112.txt
diff --git a/news/secadv/20181112.txt b/news/secadv/20181112.txt
new file mode 100644
index 0000000..764520e
--- /dev/null
+++ b/news/secadv/20181112.txt
@@ -0,0 +1,41 @@
+OpenSSL Security Advisory [12 November 2018]
+============================================
+
+Microarchitecture timing vulnerability in ECC scalar multiplication (CVE-2018-5407)
+===================================================================================
+
+Severity: Low
+
+OpenSSL ECC scalar multiplication, used in e.g. ECDSA and ECDH, has been shown
+to be vulnerable to a microarchitecture timing side channel attack. An attacker
+with sufficient access to mount local timing attacks during ECDSA signature
+generation could recover the private key.
+
+This issue does not impact OpenSSL 1.1.1 and is already fixed in the latest
+version of OpenSSL 1.1.0 (1.1.0i). OpenSSL 1.0.2 is affected but due to the low
+severity of this issue we are not creating a new release at this time. The 1.0.2
+mitigation for this issue can be found in commit b18162a7c.
+
+OpenSSL 1.1.0 users should upgrade to 1.1.0i.
+
+This issue was reported to OpenSSL on 26th October 2018 by Alejandro Cabrera
+Aldaya, Billy Brumley, Sohaib ul Hassan, Cesar Pereida Garcia and Nicola Tuveri.
+
+Note
+====
+
+OpenSSL 1.1.0 is currently only receiving security updates. Support for this
+version will end on 11th September 2019. Users of this version should upgrade to
+OpenSSL 1.1.1.
+
+References
+==========
+
+URL for this Security Advisory:
+https://www.openssl.org/news/secadv/20181112.txt
+
+Note: the online version of the advisory may be updated with additional details
+over time.
+
+For details of OpenSSL severity classifications please see:
+https://www.openssl.org/policies/secpolicy.html
diff --git a/news/vulnerabilities.xml b/news/vulnerabilities.xml
index 86b18c0..46cdcff 100644
--- a/news/vulnerabilities.xml
+++ b/news/vulnerabilities.xml
@@ -7,7 +7,53 @@ <!-- The updated attribute should be the same as the first public issue, unless an old entry was updated. -->
-<security updated="20181030">
+<security updated="20181112">
+ <issue public="20181102">
+ <impact severity="Low"/>
+ <cve name="2018-5407"/>
+ <affects base="1.1.0" version="1.1.0"/>
+ <affects base="1.1.0" version="1.1.0a"/>
+ <affects base="1.1.0" version="1.1.0b"/>
+ <affects base="1.1.0" version="1.1.0c"/>
+ <affects base="1.1.0" version="1.1.0d"/>
+ <affects base="1.1.0" version="1.1.0e"/>
+ <affects base="1.1.0" version="1.1.0f"/>
+ <affects base="1.1.0" version="1.1.0g"/>
+ <affects base="1.1.0" version="1.1.0h"/>
+ <affects base="1.0.2" version="1.0.2"/>
+ <affects base="1.0.2" version="1.0.2a"/>
+ <affects base="1.0.2" version="1.0.2b"/>
+ <affects base="1.0.2" version="1.0.2c"/>
+ <affects base="1.0.2" version="1.0.2d"/>
+ <affects base="1.0.2" version="1.0.2e"/>
+ <affects base="1.0.2" version="1.0.2f"/>
+ <affects base="1.0.2" version="1.0.2g"/>
+ <affects base="1.0.2" version="1.0.2h"/>
+ <affects base="1.0.2" version="1.0.2i"/>
+ <affects base="1.0.2" version="1.0.2j"/>
+ <affects base="1.0.2" version="1.0.2k"/>
+ <affects base="1.0.2" version="1.0.2l"/>
+ <affects base="1.0.2" version="1.0.2m"/>
+ <affects base="1.0.2" version="1.0.2n"/>
+ <affects base="1.0.2" version="1.0.2o"/>
+ <affects base="1.0.2" version="1.0.2p"/>
+ <fixed base="1.1.0" version="1.1.0i" date="20180814">
+ <git hash="aab7c770353b1dc4ba045938c8fb446dd1c4531e"/>
+ </fixed>
+ <fixed base="1.0.2" version="1.0.2q-dev" date="20181112">
+ <git hash="b18162a7c9bbfb57112459a4d6631fa258fd8c0cq"/>
+ </fixed>
+ <problemtype>Side Channel Attack</problemtype>
+ <title>Microarchitecture timing vulnerability in ECC scalar multiplication</title>
+ <description>
+ OpenSSL ECC scalar multiplication, used in e.g. ECDSA and ECDH, has been shown
+ to be vulnerable to a microarchitecture timing side channel attack. An attacker
+ with sufficient access to mount local timing attacks during ECDSA signature
+ generation could recover the private key.
+ </description>
+ <advisory url="/news/secadv/20181112.txt"/>
+ <reported source="Alejandro Cabrera Aldaya, Billy Brumley, Sohaib ul Hassan, Cesar Pereida Garcia and Nicola Tuveri"/>
+ </issue>
 <issue public="20181030">
 <impact severity="Low"/>
 <cve name="2018-0734"/>
_____ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
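Review bot: The `<git hash="…"/>` under `<fixed base="1.0.2" version="1.0.2q-dev">` is 41 characters long and ends in `q`, so it is not a valid SHA-1 commit id and any link or lookup built from it will fail to resolve the 1.0.2 mitigation. Its first nine characters match the abbreviated commit `b18162a7c` quoted in the advisory text, so the intended line is presumably `<git hash="b18162a7c9bbfb57112459a4d6631fa258fd8c0c"/>`; confirm it against the 1.0.2 branch before correcting, since 1.0.2 users get no release and must locate this commit themselves. Separately, the new entry has `public="20181102"` while the root carries `updated="20181112"`, which the comment above `<security>` allows only when an old entry was updated. If 2 November is the intended disclosure date, a short comment such as `<!-- public disclosure predates the advisory -->` would record that the mismatch is deliberate.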