On 25/10/16 09:01, Sanjaya Joshi wrote:
> Hello,
>
> 1)
> In openssl1.0.2i, the release note says, there is a fix for CVE-2016-2178:
>
> "
> *) Constant time flag not preserved in DSA signing
>
> Operations in the DSA signing algorithm should run in constant time in
> order to avoi
Hello,
1)
In openssl1.0.2i, the release note says, there is a fix for CVE-2016-2178:
"
*) Constant time flag not preserved in DSA signing
Operations in the DSA signing algorithm should run in constant time in
order to avoid side channel attacks. A flaw in the OpenSSL DSA
impleme