OpenBSD Errata: June 14th, 2018 (libcrypto)

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

OpenBSD Errata: June 14th, 2018 (libcrypto)

Theo Buehler-5
Errata patches for libcrypto have been released for OpenBSD 6.3 and 6.2.

DSA and ECDSA signature generation can potentially leak secret information
to a timing side-channel attack.

Binary updates for the amd64, i386, and arm64 platforms are available via
the syspatch utility. Source code patches can be found on the respective
errata pages:

  https://www.openbsd.org/errata62.html
  https://www.openbsd.org/errata63.html

For users running 6.3, the syspatches will be delayed approximately two days.
Use the source code patch if you need the fix before then.