Samuel Weiser discovered that OpenSSL incorrectly handled DSA signing. An attacker could possibly use this issue to perform a timing side-channel attack and recover private DSA keys. (CVE-2018-0734)
Samuel Weiser discovered that OpenSSL incorrectly handled ECDSA signing. An attacker could possibly use this issue to perform a timing side-channel attack and recover private ECDSA keys. This issue only affected Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2018-0735)
Billy Bob Brumley, Cesar Pereida Garcia, Sohaib ul Hassan, Nicola Tuveri, and Alejandro Cabrera Aldaya discovered that Simultaneous Multithreading (SMT) architectures are vulnerable to side-channel leakage. This issue is known as "PortSmash". An attacker could possibly use this issue to perform a timing side-channel attack and recover private keys. (CVE-2018-5407)
{ "availability": "No subscription required", "binaries": [ { "binary_version": "1.0.1f-1ubuntu2.27", "binary_name": "libcrypto1.0.0-udeb" }, { "binary_version": "1.0.1f-1ubuntu2.27", "binary_name": "libcrypto1.0.0-udeb-dbgsym" }, { "binary_version": "1.0.1f-1ubuntu2.27", "binary_name": "libssl-dev" }, { "binary_version": "1.0.1f-1ubuntu2.27", "binary_name": "libssl-dev-dbgsym" }, { "binary_version": "1.0.1f-1ubuntu2.27", "binary_name": "libssl-doc" }, { "binary_version": "1.0.1f-1ubuntu2.27", "binary_name": "libssl1.0.0" }, { "binary_version": "1.0.1f-1ubuntu2.27", "binary_name": "libssl1.0.0-dbg" }, { "binary_version": "1.0.1f-1ubuntu2.27", "binary_name": "libssl1.0.0-dbgsym" }, { "binary_version": "1.0.1f-1ubuntu2.27", "binary_name": "libssl1.0.0-udeb" }, { "binary_version": "1.0.1f-1ubuntu2.27", "binary_name": "libssl1.0.0-udeb-dbgsym" }, { "binary_version": "1.0.1f-1ubuntu2.27", "binary_name": "openssl" }, { "binary_version": "1.0.1f-1ubuntu2.27", "binary_name": "openssl-dbgsym" } ] }
{ "availability": "No subscription required", "binaries": [ { "binary_version": "1.0.2g-1ubuntu4.14", "binary_name": "libcrypto1.0.0-udeb" }, { "binary_version": "1.0.2g-1ubuntu4.14", "binary_name": "libcrypto1.0.0-udeb-dbgsym" }, { "binary_version": "1.0.2g-1ubuntu4.14", "binary_name": "libssl-dev" }, { "binary_version": "1.0.2g-1ubuntu4.14", "binary_name": "libssl-dev-dbgsym" }, { "binary_version": "1.0.2g-1ubuntu4.14", "binary_name": "libssl-doc" }, { "binary_version": "1.0.2g-1ubuntu4.14", "binary_name": "libssl1.0.0" }, { "binary_version": "1.0.2g-1ubuntu4.14", "binary_name": "libssl1.0.0-dbg" }, { "binary_version": "1.0.2g-1ubuntu4.14", "binary_name": "libssl1.0.0-dbgsym" }, { "binary_version": "1.0.2g-1ubuntu4.14", "binary_name": "libssl1.0.0-udeb" }, { "binary_version": "1.0.2g-1ubuntu4.14", "binary_name": "libssl1.0.0-udeb-dbgsym" }, { "binary_version": "1.0.2g-1ubuntu4.14", "binary_name": "openssl" }, { "binary_version": "1.0.2g-1ubuntu4.14", "binary_name": "openssl-dbgsym" } ] }
{ "availability": "No subscription required", "binaries": [ { "binary_version": "1.1.0g-2ubuntu4.3", "binary_name": "libcrypto1.1-udeb" }, { "binary_version": "1.1.0g-2ubuntu4.3", "binary_name": "libssl-dev" }, { "binary_version": "1.1.0g-2ubuntu4.3", "binary_name": "libssl-doc" }, { "binary_version": "1.1.0g-2ubuntu4.3", "binary_name": "libssl1.1" }, { "binary_version": "1.1.0g-2ubuntu4.3", "binary_name": "libssl1.1-dbgsym" }, { "binary_version": "1.1.0g-2ubuntu4.3", "binary_name": "libssl1.1-udeb" }, { "binary_version": "1.1.0g-2ubuntu4.3", "binary_name": "openssl" }, { "binary_version": "1.1.0g-2ubuntu4.3", "binary_name": "openssl-dbgsym" } ] }
{ "availability": "No subscription required", "binaries": [ { "binary_version": "1.0.2n-1ubuntu5.2", "binary_name": "libcrypto1.0.0-udeb" }, { "binary_version": "1.0.2n-1ubuntu5.2", "binary_name": "libssl1.0-dev" }, { "binary_version": "1.0.2n-1ubuntu5.2", "binary_name": "libssl1.0.0" }, { "binary_version": "1.0.2n-1ubuntu5.2", "binary_name": "libssl1.0.0-dbgsym" }, { "binary_version": "1.0.2n-1ubuntu5.2", "binary_name": "libssl1.0.0-udeb" }, { "binary_version": "1.0.2n-1ubuntu5.2", "binary_name": "openssl1.0" }, { "binary_version": "1.0.2n-1ubuntu5.2", "binary_name": "openssl1.0-dbgsym" } ] }