yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-01-10 21:35:30 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add ChangeLog entry

Browse source
This commit is contained in:
Janos Follath 2019-10-25 08:53:01 +01:00
parent 82debf8332
commit 5cf41f80a4
1 changed files with 7 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
ChangeLog
View file

@ -2,6 +2,13 @@ mbed TLS ChangeLog (Sorted per branch, date)
= mbed TLS 2.7.x branch released xxxx-xx-xx = mbed TLS 2.7.x branch released xxxx-xx-xx
Security
* Fix side channel vulnerability in ECDSA. Our bignum implementation is not
constant time/constant trace, so side channel attacks can retrieve the
blinded value, factor it (as it is smaller than RSA keys and not guaranteed
to have only large prime factors), and then, by brute force, recover the
key. Reported by Alejandro Cabrera Aldaya and Billy Brumley.
Changes Changes
* Add unit tests for AES-GCM when called through mbedtls_cipher_auth_xxx() * Add unit tests for AES-GCM when called through mbedtls_cipher_auth_xxx()
from the cipher abstraction layer. Fixes #2198. from the cipher abstraction layer. Fixes #2198.