deps: float two (more) OpenSSL patches for DSA vulnerabilities #23965

Closed
wants to merge 2 commits into from

Commits on Oct 30, 2018

  1. deps: float 415c3356 from openssl (DSA vulnerability)

    Low severity timing vulnerability in the DSA signature algorithm
    
    Publicly disclosed but unreleased, pending OpenSSL 1.1.0j, not deemed
    severe enough to be assigned a CVE #.
    
    Ref: openssl/openssl#7487
    PR-URL: https://github.com/nodejs/node/pull/???
    Upstream: openssl/openssl@415c3356
    
    Original commit message:
    
        DSA mod inverse fix
    
        There is a side channel attack against the division used to calculate one of
        the modulo inverses in the DSA algorithm.  This change takes advantage of the
        primality of the modulo and Fermat's little theorem to calculate the inverse
        without leaking information.
    
        Thanks to Samuel Weiser for finding and reporting this.
    
        Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
        Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
        (Merged from openssl/openssl#7487)
    rvagg committed Oct 30, 2018
    f9c336d
  2. deps: float a9cfb8c2 from openssl (CVE-2018-0734)

    Low severity timing vulnerability in the DSA signature algorithm
    
    Publicly disclosed but unreleased, pending OpenSSL 1.1.0j
    
    Ref: openssl/openssl#7486
    Ref: https://www.openssl.org/news/secadv/20181030.txt
    PR-URL: https://github.com/nodejs/node/pull/???
    Upstream: openssl/openssl@a9cfb8c2
    
    Original commit message:
    
        Avoid a timing attack that leaks information via a side channel that
        triggers when a BN is resized.  Increasing the size of the BNs
        prior to doing anything with them suppresses the attack.
    
        Thanks due to Samuel Weiser for finding and locating this.
    
        Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
        (Merged from openssl/openssl#7486)
    rvagg committed Oct 30, 2018
    082e301
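
The first commit message describes replacing a division-based modular inverse with one derived from Fermat's little theorem. The sketch below is an added illustration, not code from OpenSSL or from this pull request: it uses a constructed 31-bit prime `Q` in place of a real DSA subgroup order, hypothetical function names, and a step counter to show that the Euclidean loop length varies with the secret `k` while the Fermat exponentiation follows a schedule fixed by the public modulus.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed toy modulus: 2^31 - 1 (prime), standing in for the DSA order q. */
#define Q 2147483647u

static uint32_t mulmod(uint32_t a, uint32_t b) {
    return (uint32_t)(((uint64_t)a * b) % Q);
}

/* Extended Euclid for 0 < k < Q: the number of division steps depends on k. */
uint32_t inv_euclid(uint32_t k, unsigned *steps) {
    int64_t r0 = Q, r1 = k, t0 = 0, t1 = 1, quo, tmp;
    *steps = 0;
    while (r1 != 0) {
        quo = r0 / r1;
        tmp = r0 - quo * r1; r0 = r1; r1 = tmp;
        tmp = t0 - quo * t1; t0 = t1; t1 = tmp;
        (*steps)++;
    }
    return (uint32_t)(t0 < 0 ? t0 + Q : t0);
}

/* Fermat: k^(Q-2) mod Q. The exponent is public, so the sequence of
 * squarings and multiplications is identical for every k. */
uint32_t inv_fermat(uint32_t k, unsigned *steps) {
    uint32_t e = Q - 2, base = k % Q, acc = 1;
    *steps = 0;
    for (int i = 0; i < 31; i++) {
        if ((e >> i) & 1u)          /* branches only on a public exponent bit */
            acc = mulmod(acc, base);
        base = mulmod(base, base);
        (*steps)++;
    }
    return acc;
}

int main(void) {
    uint32_t ks[] = {2u, 1234567u, 2147483646u};  /* constructed sample nonces */
    for (int i = 0; i < 3; i++) {
        unsigned se, sf;
        uint32_t a = inv_euclid(ks[i], &se), b = inv_fermat(ks[i], &sf);
        printf("k=%u euclid=%u (%u steps) fermat=%u (%u steps)\n",
               ks[i], a, se, b, sf);
    }
    return 0;
}
```

The toy `mulmod` relies on the CPU's `%`, which is not guaranteed constant-time; a real implementation also needs constant-time big-number multiplication and reduction underneath the fixed schedule.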