Tweak RSA vulnerability changelog entry

* Correct the list of authors.
* Add the CVE number.
* Improve the impact description.
Gilles Peskine 2018-11-29 12:45:01 +01:00
parent 11cdb0559e
commit 056f19c79f
@ -5,9 +5,10 @@ mbed TLS ChangeLog (Sorted per branch, date)
Security Security
* Fix timing variations and memory access variations in RSA PKCS#1 v1.5 * Fix timing variations and memory access variations in RSA PKCS#1 v1.5
decryption that could lead to a Bleichenbacher-style padding oracle decryption that could lead to a Bleichenbacher-style padding oracle
attack. In TLS, this affects RSA-based ciphersuites without DHE or attack. In TLS, this affects servers that accept ciphersuites based on
ECDHE. Reported by Yuval Yarom, Eyal Ronen, Adi Shamir, David Wong and RSA decryption (i.e. ciphersuites whose name contains RSA but not
Daniel Genkin. (EC)DH(E)). Reported by Eyal Ronen, Robert Gillham, Daniel Genkin, Adi
Shamir, David Wong and Yuval Yarom. CVE-2018-19608
= mbed TLS 2.13.1 branch released 2018-09-06 = mbed TLS 2.13.1 branch released 2018-09-06
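Review bot: the impact description in this hunk is scoped to TLS only ("In TLS, this affects servers that accept ciphersuites based on RSA decryption ..."), while the entry's first line says the fix is to RSA PKCS#1 v1.5 decryption itself, so any application that calls the library's RSA v1.5 decryption on attacker-supplied ciphertexts and exposes success/failure or timing is affected as well; consider adding a sentence to that effect ahead of the TLS-specific one, for example "This affects any application that decrypts attacker-controlled data with RSA PKCS#1 v1.5 padding." The rest of the rewording is an improvement: "ciphersuites whose name contains RSA but not (EC)DH(E)" is more precise than the old "RSA-based ciphersuites without DHE or ECDHE", since it makes clear that RSA-signed (EC)DHE suites are not affected and that the RSA-PSK suites are.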