Indicate the memory access variations in the changelog entry

This commit is contained in:
Gilles Peskine 2018-10-05 15:42:52 +02:00
parent 40b57f4acd
commit c5ccd7a1e7

View File

@ -3,10 +3,11 @@ mbed TLS ChangeLog (Sorted per branch, date)
= mbed TLS 2.xx.x branch released xxxx-xx-xx = mbed TLS 2.xx.x branch released xxxx-xx-xx
Security Security
* Fix a timing variation in RSA PKCS#1 v1.5 decryption that could * Fix timing variations and memory access variations in RSA PKCS#1 v1.5
lead to a Bleichenbacher-style attack. In TLS, this affects decryption that could lead to a Bleichenbacher-style padding oracle
RSA-based ciphersuites without DHE or ECDHE. Reported by Yuval Yarom, attack. In TLS, this affects RSA-based ciphersuites without DHE or
Eyal Ronen, Adi Shamir, David Wong and Daniel Genkin. ECDHE. Reported by Yuval Yarom, Eyal Ronen, Adi Shamir, David Wong and
Daniel Genkin.
= mbed TLS 2.13.1 branch released 2018-09-06 = mbed TLS 2.13.1 branch released 2018-09-06