Date: Tue, 10 Jan 2017 11:17:45 -0500 From: Dan McDonald <danmcd@...iti.com> To: oss-security@...ts.openwall.com Cc: Dan McDonald <danmcd@...iti.com> Subject: Re: CVE-2016-7056 ECDSA P-256 timing attack key recovery (OpenSSL, LibreSSL, BoringSSL) > On Jan 10, 2017, at 10:50 AM, Cesar Pereida Garcia <cesar.pereidagarcia@....fi> wrote: > > Mitigation: > Users of OpenSSL with the affected versions should apply > the patch available in the manuscript at . You should just mail the patch to this list. I'm having a hard time copying/pasting the uuencoded blob from your paper, Cesar. Thanks, Dan
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ