Still Failing: openssl/openssl#27677 (OpenSSL_1_1_1-stable - 51e236d)
builds at travis-ci.org
Tue Aug 27 08:58:21 UTC 2019
Build Update for openssl/openssl
Status: Still Failing
Duration: 20 mins and 47 secs
Commit: 51e236d (OpenSSL_1_1_1-stable)
Author: Cesar Pereida Garcia
Message: Fix SCA vulnerability when using PVK and MSBLOB key formats
This commit addresses a side-channel vulnerability present when
PVK and MSBLOB key formats are loaded into OpenSSL.
The public key was not computed using a constant-time exponentiation
This issue was discovered and reported by the NISEC group at TAU Finland.
Reviewed-by: Nicola Tuveri <nic.tuv at gmail.com>
Reviewed-by: Bernd Edlinger <bernd.edlinger at hotmail.de>
Reviewed-by: Paul Dale <paul.dale at oracle.com>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9587)
(cherry picked from commit 724339ff44235149c4e8ddae614e1dda6863e23e)
View the changeset: https://github.com/openssl/openssl/compare/4bdab2571782...51e236df4187
View the full build log and details: https://travis-ci.org/openssl/openssl/builds/577228476?utm_medium=notification&utm_source=email
You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=5849220&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the openssl-commits