FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-28 15:43:32 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
6f0529e2-2e82-11e6-b2ec-b499baebfeafOpenSSL -- vulnerability in DSA signing

The OpenSSL team reports:

Operations in the DSA signing algorithm should run in constant time in order to avoid side channel attacks. A flaw in the OpenSSL DSA implementation means that a non-constant time codepath is followed for certain operations. This has been demonstrated through a cache-timing attack to be sufficient for an attacker to recover the private DSA key.


Discovery 2016-06-09
Entry 2016-06-09
Modified 2016-12-20
openssl
< 1.0.2_13

libressl
< 2.2.9

ge 2.3.0 lt 2.3.6

libressl-devel
< 2.4.1

https://git.openssl.org/?p=openssl.git;a=commit;h=399944622df7bd81af62e67ea967c470534090e2
CVE-2016-2178