AVG-141 log

Package lib32-openssl
Status Not affected
Severity Medium
Type private key recovery
Affected 1.0.2.j-1
Fixed Not affected
Current 1:1.1.1.d-1 [multilib]
Ticket None
Created Sun Jan 15 07:25:46 2017
Issue Severity Remote Type Description
CVE-2016-7056 Medium No Private key recovery
The signing function in crypto/ecdsa/ecdsa_ossl.c in certain OpenSSL versions and forks is vulnerable to timing attacks when signing with the standardized...
Notes
fixed in 1.0.2