AVG-140 log

Package openssl
Status Not affected
Severity Medium
Type private key recovery
Affected 1.0.2.j-1
Fixed Not affected
Current 3.3.1-1 [core]
Ticket None
Created Sun Jan 15 07:25:41 2017
Issue Severity Remote Type Description
CVE-2016-7056 Medium No Private key recovery
The signing function in crypto/ecdsa/ecdsa_ossl.c in certain OpenSSL versions and forks is vulnerable to timing attacks when signing with the standardized...
fixed in 1.0.2