[Pkg-openssl-devel] Bug#438142: Bug#438142: Bug#438142: CVE-2007-3108 wrong Montgomery multiplication might cause information leakage
Kurt Roeckx
kurt at roeckx.be
Wed Aug 15 18:12:02 UTC 2007
On Wed, Aug 15, 2007 at 07:46:34PM +0200, Kurt Roeckx wrote:
>
> For HEAD the fixes are:
> http://cvs.openssl.org/chngview?cn=16275
> http://cvs.openssl.org/chngview?cn=16282
> http://cvs.openssl.org/chngview?cn=16306
>
> For 0.9.8e you need:
> http://openssl.org/news/patch-CVE-2007-3108.txt
>
> Which is a combination of:
> http://cvs.openssl.org/chngview?cn=16277
> http://cvs.openssl.org/chngview?cn=16308
If you only applied the first of those, make test fails (as expected)
with:
wap-wsg-idm-ecid-wtls9: failed
ECDSA test failed
3366:error:0307706E:bignum routines:BN_mod_lshift_quick:input not reduced:bn_mod.c:273:
make[2]: *** [test_ecdsa] Error 1
All openssl 0.9.8 packages in Debian run the testsuite during build and
fail on this if you got the wrong patch. The 0.9.7 versions don't and
will fail silently.
Kurt
More information about the Pkg-openssl-devel
mailing list