Hi Ron,

0.9.7 does not support curves over binary fields and is not vulnerable to CVE-2014-0076. I do not know what the Solaris enhancements are and cannot say whether they are vulnerable. Note, also, that some functionality of 0.9.7, and of all later versions of OpenSSL, is vulnerable to the Flush+Reload side-channel attack.
Cheers
Yuval

On 02/05/2014, at 4:25 AM, Ron Jordan <ron.jor...@oracle.com> wrote:

> Hi Folks,
>
> I'm trying to determine whether CVE-2014-0076 applies to the patched OpenSSL
> 0.9.7d that is part of Solaris 10. I looked at the fixes that were applied
> to 1.0.1, 1.0.0, and 0.9.8 which include changes to the
> ec_GF2m_montgomery_point_multiply() function, which doesn't exist in S10's
> enhanced 0.9.7. Based on the actual fix and the fact that none of the still
> existing EC routines from 0.9.7 were modified, it appears that the
> vulnerability does not apply to 0.9.7.
>
> But the "Vulnerable software and versions" section of the NIST Vulnerability
> Summary seems to imply that the vulnerability applies to 0.9.7 as well:
> http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0076
>
> Can anyone please comment on whether CVE-2014-0076 is in fact relevant to
> 0.9.7? Thank you!
>
> --
> ron jordan

Yuval Yarom
Research Associate
School of Computer Science, The University of Adelaide
Adelaide SA 5005
y...@cs.adelaide.edu.au