AVG-141 log
| Package | lib32-openssl |
| Status | Not affected |
| Severity | Medium |
| Type | private key recovery |
| Affected | 1.0.2.j-1 |
| Fixed | Not affected |
| Current | 1:3.6.0-1 [multilib] |
| Ticket | None |
| Created | Sun Jan 15 07:25:46 2017 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2016-7056 | Medium | No | Private key recovery | The signing function in crypto/ecdsa/ecdsa_ossl.c in certain OpenSSL versions and forks is vulnerable to timing attacks when signing with the standardized... |
| Notes |
|---|
fixed in 1.0.2 |