Oval Definition:	oval:com.ubuntu.trusty:def:20162178000
Revision Date: 2016-06-19 Version: 1 Title: CVE-2016-2178 on Ubuntu 14.04 LTS (trusty) - low. Description: The dsa_sign_setup function in crypto/dsa/dsa_ossl.c in OpenSSL through 1.0.2h does not properly ensure the use of constant-time operations, which makes it easier for local users to discover a DSA private key via a timing side-channel attack. Family: unix Class: vulnerability Status: Reference(s): CVE-2016-2178 Platform(s): Ubuntu 14.04 LTS Product(s): Definition Synopsis Ubuntu 14.04 LTS (trusty) is installed. AND Package Information The 'openssl' package in trusty was vulnerable but has been fixed (note: '1.0.1f-1ubuntu2.20'). OR The 'openssl098' package in trusty is affected and needs fixing.
BACK