SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionThe OpenSSL team reports :
Operations in the DSA signing algorithm should run in constant time in order to avoid side channel attacks. A flaw in the OpenSSL DSA implementation means that a non-constant time codepath is followed for certain operations. This has been demonstrated through a cache-timing attack to be sufficient for an attacker to recover the private DSA key.
SolutionUpdate the affected packages.