yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-22 10:55:38 +01:00
Code Issues Packages Projects Releases Wiki Activity

Indicate the memory access variations in the changelog entry

Browse Source
This commit is contained in:
Gilles Peskine 2018-10-05 15:42:52 +02:00
parent 40b57f4acd
commit c5ccd7a1e7
1 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
ChangeLog
View File

@ -3,10 +3,11 @@ mbed TLS ChangeLog (Sorted per branch, date)
= mbed TLS 2.xx.x branch released xxxx-xx-xx
Security
* Fix a timing variation in RSA PKCS#1 v1.5 decryption that could
lead to a Bleichenbacher-style attack. In TLS, this affects
RSA-based ciphersuites without DHE or ECDHE. Reported by Yuval Yarom,
Eyal Ronen, Adi Shamir, David Wong and Daniel Genkin.
* Fix timing variations and memory access variations in RSA PKCS#1 v1.5
decryption that could lead to a Bleichenbacher-style padding oracle
attack. In TLS, this affects RSA-based ciphersuites without DHE or
ECDHE. Reported by Yuval Yarom, Eyal Ronen, Adi Shamir, David Wong and
Daniel Genkin.
= mbed TLS 2.13.1 branch released 2018-09-06