I'd like to draw everyone's attention to PR #5969.

Given CVE-2018-0737, and the fact that this is far from the first time this has happened, I think we should change the default so that we always use the constant time implementation unless specifically flagged otherwise. E.g. see these issues:

54f007a (CVE-2018-0737), 8db7946, e913d11, 6364475, 6364475, 3de81a5, 47ae05b, 033dc8f, 3999446 (CVE-2016-2178)

As I say in the PR (marked as WIP), I am seeking feedback as to whether this is something we should pursue now (i.e. for 1.1.1) or later (post 1.1.1) or not at all.

Matt
