A fix is available
APAR status
Closed as program error.
Error description
An attacker running a program on the same machine as where the victim is running a program could use CPU timing information to discover key information about certain kinds of binary type Elliptic Curves used in Digital signatures during signing operations. Although GSKit only generates Prime type Elliptic Curves, externally generated keys may be imported in GSKit.
Local fix
Problem summary
This update brings GSKit to level 8.0.50.21.
Problem conclusion
This update brings GSKit to level 8.0.50.21.
Temporary fix
Comments
APAR Information
APAR number
IV61272
Reported component name
CS AIX V6.X
Reported component ID
5765E5100
Reported release
640
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2014-06-06
Closed date
2014-06-06
Last modified date
2014-06-06
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
CS AIX V6.X
Fixed component ID
5765E5100
Applicable component levels
R640 PSY
[{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSPQKF","label":"Communications Server for AIX"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"640","Edition":"","Line of Business":{"code":"LOB35","label":"Mainframe SW"}}]
Document Information
Modified date:
06 June 2014