mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-26 15:15:43 +01:00
Add ChangeLog message for EC private exponent information leak
This commit is contained in:
parent
cf873f74d4
commit
25e39d38bd
@ -8,6 +8,8 @@ Security
|
||||
and omitted for the sake of saving memory, but potentially
|
||||
leading to slight timing differences.
|
||||
Reported by Marco Macchetti, Kudelski Group.
|
||||
* Wipe stack buffer temporarily holding EC private exponent
|
||||
after keypair generation.
|
||||
|
||||
Bugfix
|
||||
* Fix ssl_parse_record_header() to silently discard invalid DTLS records
|
||||
|
Loading…
Reference in New Issue
Block a user