[openssl-commits] Still Failing: openssl/openssl#4363 (OpenSSL_1_0_2-stable - 621eaf4)
Travis CI
builds at travis-ci.org
Mon Jun 6 11:00:15 UTC 2016
Build Update for openssl/openssl
-------------------------------------
Build: #4363
Status: Still Failing
Duration: 19 minutes and 6 seconds
Commit: 621eaf4 (OpenSSL_1_0_2-stable)
Author: Cesar Pereida
Message: Fix DSA, preserve BN_FLG_CONSTTIME
Operations in the DSA signing algorithm should run in constant time in
order to avoid side channel attacks. A flaw in the OpenSSL DSA
implementation means that a non-constant time codepath is followed for
certain operations. This has been demonstrated through a cache-timing
attack to be sufficient for an attacker to recover the private DSA key.
CVE-2016-2178
Reviewed-by: Richard Levitte <levitte at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
View the changeset: https://github.com/openssl/openssl/compare/46bad91986eb...621eaf49a289
View the full build log and details: https://travis-ci.org/openssl/openssl/builds/135556831
--
You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-commits/attachments/20160606/413b0640/attachment-0001.html>
More information about the openssl-commits
mailing list