yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-26 15:25:43 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add ChangeLog message for EC private exponent information leak

Browse Source
This commit is contained in:
Hanno Becker 2017-10-19 10:10:18 +01:00
parent cf873f74d4
commit 25e39d38bd
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ChangeLog
View File

@ -8,6 +8,8 @@ Security
and omitted for the sake of saving memory, but potentially and omitted for the sake of saving memory, but potentially
leading to slight timing differences. leading to slight timing differences.
Reported by Marco Macchetti, Kudelski Group. Reported by Marco Macchetti, Kudelski Group.
* Wipe stack buffer temporarily holding EC private exponent
after keypair generation.
Bugfix Bugfix
* Fix ssl_parse_record_header() to silently discard invalid DTLS records * Fix ssl_parse_record_header() to silently discard invalid DTLS records