Date: Wed, 8 Jun 2016 19:13:42 +0300 From: Billy Brumley <bbrumley@...il.com> To: oss-security@...ts.openwall.com Subject: Re: CVE-2016-2178: OpenSSL DSA follows a non-constant time codepath for certain operations > I assume the OpenSSL team considers this vulnerability to be LOW severity: > https://www.openssl.org/policies/secpolicy.html Yes this is correct. BBB
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ