CVE 2018-0734
The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.0.2q (Affected 1.0.2-1.0.2p).
Related bugs and status
CVE-2018-0734 (Candidate) is related to these bugs:
Bug #1797386: [SRU] OpenSSL 1.1.1 to 18.04 LTS
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1797386 | [SRU] OpenSSL 1.1.1 to 18.04 LTS | openssl (Ubuntu) | Undecided | Fix Released | ||
1797386 | [SRU] OpenSSL 1.1.1 to 18.04 LTS | openssl (Ubuntu Bionic) | Undecided | Fix Released | ||
1797386 | [SRU] OpenSSL 1.1.1 to 18.04 LTS | libio-socket-ssl-perl (Ubuntu Bionic) | Undecided | Fix Released | ||
1797386 | [SRU] OpenSSL 1.1.1 to 18.04 LTS | libnet-ssleay-perl (Ubuntu Bionic) | Undecided | Fix Released | ||
1797386 | [SRU] OpenSSL 1.1.1 to 18.04 LTS | python-cryptography (Ubuntu Bionic) | Undecided | Fix Released | ||
1797386 | [SRU] OpenSSL 1.1.1 to 18.04 LTS | python2.7 (Ubuntu Bionic) | Undecided | Fix Released | ||
1797386 | [SRU] OpenSSL 1.1.1 to 18.04 LTS | python3.6 (Ubuntu Bionic) | Undecided | Fix Released | ||
1797386 | [SRU] OpenSSL 1.1.1 to 18.04 LTS | python3.7 (Ubuntu Bionic) | Undecided | Fix Released | ||
1797386 | [SRU] OpenSSL 1.1.1 to 18.04 LTS | r-cran-openssl (Ubuntu Bionic) | Undecided | Fix Released | ||
1797386 | [SRU] OpenSSL 1.1.1 to 18.04 LTS | ruby-openssl (Ubuntu Bionic) | Undecided | Fix Released | ||
1797386 | [SRU] OpenSSL 1.1.1 to 18.04 LTS | ruby2.5 (Ubuntu Bionic) | Undecided | Fix Released | ||
1797386 | [SRU] OpenSSL 1.1.1 to 18.04 LTS | libwww-perl (Ubuntu) | Undecided | Fix Released | ||
1797386 | [SRU] OpenSSL 1.1.1 to 18.04 LTS | libwww-perl (Ubuntu Bionic) | Undecided | Fix Released | ||
1797386 | [SRU] OpenSSL 1.1.1 to 18.04 LTS | python-tornado (Ubuntu Bionic) | Undecided | Fix Released |
Bug #1811531: remote execution vulnerability
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1811531 | remote execution vulnerability | zeromq3 (Ubuntu) | Undecided | Fix Released | ||
1811531 | remote execution vulnerability | zeromq3 (Debian) | Unknown | Fix Released | ||
1811531 | remote execution vulnerability | zeromq (Suse) | High | Fix Released |
See the
CVE page on Mitre.org
for more details.