[openssl-commits] [web] master update

Matt Caswell matt at openssl.org
Mon Nov 12 16:51:37 UTC 2018


The branch master has been updated
       via  28c43932d579cd6ba18ec411bb828a2512c3419e (commit)
      from  a7fc7eb4f8d9d6b21c3376d6e815d0735909bd7b (commit)


- Log -----------------------------------------------------------------
commit 28c43932d579cd6ba18ec411bb828a2512c3419e
Author: Matt Caswell <matt at openssl.org>
Date:   Mon Nov 12 15:02:14 2018 +0000

    Updates for CVE-2018-5407
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    (Merged from https://github.com/openssl/web/pull/93)

-----------------------------------------------------------------------

Summary of changes:
 news/secadv/20181112.txt | 41 +++++++++++++++++++++++++++++++++++++++++
 news/vulnerabilities.xml | 48 +++++++++++++++++++++++++++++++++++++++++++++++-
 2 files changed, 88 insertions(+), 1 deletion(-)
 create mode 100644 news/secadv/20181112.txt

diff --git a/news/secadv/20181112.txt b/news/secadv/20181112.txt
new file mode 100644
index 0000000..764520e
--- /dev/null
+++ b/news/secadv/20181112.txt
@@ -0,0 +1,41 @@
+OpenSSL Security Advisory [12 November 2018]
+============================================
+
+Microarchitecture timing vulnerability in ECC scalar multiplication (CVE-2018-5407)
+===================================================================================
+
+Severity: Low
+
+OpenSSL ECC scalar multiplication, used in e.g. ECDSA and ECDH, has been shown
+to be vulnerable to a microarchitecture timing side channel attack. An attacker
+with sufficient access to mount local timing attacks during ECDSA signature
+generation could recover the private key.
+
+This issue does not impact OpenSSL 1.1.1 and is already fixed in the latest
+version of OpenSSL 1.1.0 (1.1.0i). OpenSSL 1.0.2 is affected but due to the low
+severity of this issue we are not creating a new release at this time. The 1.0.2
+mitigation for this issue can be found in commit b18162a7c.
+
+OpenSSL 1.1.0 users should upgrade to 1.1.0i.
+
+This issue was reported to OpenSSL on 26th October 2018 by Alejandro Cabrera
+Aldaya, Billy Brumley, Sohaib ul Hassan, Cesar Pereida Garcia and Nicola Tuveri.
+
+Note
+====
+
+OpenSSL 1.1.0 is currently only receiving security updates. Support for this
+version will end on 11th September 2019. Users of this version should upgrade to
+OpenSSL 1.1.1.
+
+References
+==========
+
+URL for this Security Advisory:
+https://www.openssl.org/news/secadv/20181112.txt
+
+Note: the online version of the advisory may be updated with additional details
+over time.
+
+For details of OpenSSL severity classifications please see:
+https://www.openssl.org/policies/secpolicy.html
diff --git a/news/vulnerabilities.xml b/news/vulnerabilities.xml
index 86b18c0..46cdcff 100644
--- a/news/vulnerabilities.xml
+++ b/news/vulnerabilities.xml
@@ -7,7 +7,53 @@
 
 <!-- The updated attribute should be the same as the first public issue,
      unless an old entry was updated. -->
-<security updated="20181030">
+<security updated="20181112">
+  <issue public="20181102">
+    <impact severity="Low"/>
+    <cve name="2018-5407"/>
+    <affects base="1.1.0" version="1.1.0"/>
+    <affects base="1.1.0" version="1.1.0a"/>
+    <affects base="1.1.0" version="1.1.0b"/>
+    <affects base="1.1.0" version="1.1.0c"/>
+    <affects base="1.1.0" version="1.1.0d"/>
+    <affects base="1.1.0" version="1.1.0e"/>
+    <affects base="1.1.0" version="1.1.0f"/>
+    <affects base="1.1.0" version="1.1.0g"/>
+    <affects base="1.1.0" version="1.1.0h"/>
+    <affects base="1.0.2" version="1.0.2"/>
+    <affects base="1.0.2" version="1.0.2a"/>
+    <affects base="1.0.2" version="1.0.2b"/>
+    <affects base="1.0.2" version="1.0.2c"/>
+    <affects base="1.0.2" version="1.0.2d"/>
+    <affects base="1.0.2" version="1.0.2e"/>
+    <affects base="1.0.2" version="1.0.2f"/>
+    <affects base="1.0.2" version="1.0.2g"/>
+    <affects base="1.0.2" version="1.0.2h"/>
+    <affects base="1.0.2" version="1.0.2i"/>
+    <affects base="1.0.2" version="1.0.2j"/>
+    <affects base="1.0.2" version="1.0.2k"/>
+    <affects base="1.0.2" version="1.0.2l"/>
+    <affects base="1.0.2" version="1.0.2m"/>
+    <affects base="1.0.2" version="1.0.2n"/>
+    <affects base="1.0.2" version="1.0.2o"/>
+    <affects base="1.0.2" version="1.0.2p"/>
+    <fixed base="1.1.0" version="1.1.0i" date="20180814">
+      <git hash="aab7c770353b1dc4ba045938c8fb446dd1c4531e"/>
+    </fixed>
+    <fixed base="1.0.2" version="1.0.2q-dev" date="20181112">
+      <git hash="b18162a7c9bbfb57112459a4d6631fa258fd8c0cq"/>
+    </fixed>
+    <problemtype>Side Channel Attack</problemtype>
+    <title>Microarchitecture timing vulnerability in ECC scalar multiplication</title>
+    <description>
+      OpenSSL ECC scalar multiplication, used in e.g. ECDSA and ECDH, has been shown
+      to be vulnerable to a microarchitecture timing side channel attack. An attacker
+      with sufficient access to mount local timing attacks during ECDSA signature
+      generation could recover the private key.
+    </description>
+    <advisory url="/news/secadv/20181112.txt"/>
+    <reported source="Alejandro Cabrera Aldaya, Billy Brumley, Sohaib ul Hassan, Cesar Pereida Garcia and Nicola Tuveri"/>
+  </issue>
   <issue public="20181030">
     <impact severity="Low"/>
     <cve name="2018-0734"/>
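Review bot: The `<git hash>` inside the 1.0.2 `<fixed>` element is 41 characters long and ends in `q`, which is not a hex digit, so it cannot be a valid commit id and anything that builds a link from this field will not resolve the 1.0.2 mitigation. The advisory text added in this same commit cites the fix as b18162a7c, which matches the first nine characters, so the trailing `q` looks like a stray keystroke; after checking against the 1.0.2 branch the line should presumably read `<git hash="b18162a7c9bbfb57112459a4d6631fa258fd8c0c"/>`. Because the advisory says no 1.0.2 release is being cut for this issue, this hash is the only pointer 1.0.2 users get to the patch, so a build-time check that every hash is exactly 40 hex characters would be worth adding. Separately, `public="20181102"` matches neither the advisory date nor `updated="20181112"`; if it is the intended disclosure date, the comment above `<security>` about `updated` matching the first public issue may need to cover this case.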

