Permalink
2 comments
on commit
sign in to comment.
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Browse files
Timing vulnerability in DSA signature generation (CVE-2018-0734).
Avoid a timing attack that leaks information via a side channel that triggers when a BN is resized. Increasing the size of the BNs prior to doing anything with them suppresses the attack. Thanks due to Samuel Weiser for finding and locating this. Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from #7486) (cherry picked from commit a9cfb8c)
- Loading branch information
This comment has been minimized.
just what is cherry picking? I'm curious.
This comment has been minimized.
The process of copying a commit from one branch to another in git. In this case the original commit was on the "master" branch, and it was copied into the "OpenSSL_1_1_1-stable" branch. Search for "git cherry-pick"