Hi List, Doing some research on http://nvd.nist.gov, I came across a "high" vulnerability tagged CVE-2005-1797. I cannot seem to find out if this is fixed in later versions after searching the net for an hour.
Summary of the above vulnerability is listed below, anyone has any ideas ? Summary: "The design of Advanced Encryption Standard (AES), aka Rijndael, allows remote attackers to recover AES keys via timing attacks on S-box lookups, which are difficult to perform in constant time in AES implementations. " Shabbir ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
