Add ChangeLog entry

This commit is contained in:
Janos Follath 2019-01-16 16:06:18 +00:00
parent 7b774483bf
commit 660f4f8c5b

@ -2,6 +2,13 @@ mbed TLS ChangeLog (Sorted per branch, date)
= mbed TLS 2.7.x branch released xxxx-xx-xx
Security
* The deterministic ECDSA calculation reused the scheme's HMAC-DRBG to
implement blinding. Because of this for the same key and message the same
blinding value was generated. This reduced the effectiveness of the
countermeasure and leaked information about the private key through side
channels. Reported by Jack Lloyd.
Bugfix
* Run the AD too long test only if MBEDTLS_CCM_ALT is not defined.
Raised as a comment in #1996.
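Review bot: the Security entry for the deterministic ECDSA blinding issue gives no issue, advisory or reporter reference beyond "Reported by Jack Lloyd", while the Bugfix entry below it cites #1996; adding the tracking reference to the Security entry would keep the two entries consistent and let readers find the fix. The Security entry also describes only the defect ("reused the scheme's HMAC-DRBG to implement blinding"), not what was changed, so a short trailing sentence stating the remedy, for example that blinding now uses a separate source of randomness, would make the entry actionable (stated here as a suggestion; the fix itself is not shown in this hunk). Minor: "Because of this for the same key and message" reads better with a comma after "this", and the Bugfix entry would benefit from naming the test suite in which the "AD too long" test lives.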