Hi, BoringSSL reported an out-of-bounds read in BN_mod_exp_mont_consttime and appear to have patched it: https://boringssl-review.googlesource.com/#/c/1393/ <https://boringssl-review.googlesource.com/#/c/1393/>
How serious is this issue? Are there any plans for OpenSSL to use a similar fix too? Cheers Parag
_______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
