Add ChangeLog entry

2024-11-22 06:05:41 +01:00 · 2019-10-25 08:53:01 +01:00 · 2019-10-25 08:53:01 +01:00 · 1baed82774
commit 1baed82774
parent d65df1fa67
1 changed files with 7 additions and 0 deletions
--- a/7
+++ b/7
@ -2,6 +2,13 @@ mbed TLS ChangeLog (Sorted per branch, date)

 = mbed TLS 2.16.x branch released xxxx-xx-xx

+Security
+   * Fix side channel vulnerability in ECDSA. Our bignum implementation is not
+     constant time/constant trace, so side channel attacks can retrieve the
+     blinded value, factor it (as it is smaller than RSA keys and not guaranteed
+     to have only large prime factors), and then, by brute force, recover the
+     key. Reported by Alejandro Cabrera Aldaya and Billy Brumley.
+
 Bugfix
   * Remove redundant line for getting the bitlen of a bignum, since the variable
     holding the returned value is overwritten a line after.