Hi All, Wondering openssl was contacted when the following paper was released:
http://eprint.iacr.org/2014/140.pdf This seems similar to http://eprint.iacr.org/2013/448.pdf which affected GPG software, was assigned a CVE id and was fixed up GPG upstream. Regards, Huzaifa
