AVG-793

Package lib32-openssl
Status Vulnerable
Severity Low
Type private key recovery
Affected 1:1.1.1-1
Fixed Unknown
Current 1:1.1.1-1 [multilib]
Ticket Create
Created Mon Oct 29 09:45:33 2018
Issue Severity Remote Type Description
CVE-2018-0735 Low Yes Private key recovery
The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack in openssl versions prior to 1.1.1a. An attacker could...
References
https://www.openssl.org/news/secadv/20181029.txt