Indicate the memory access variations in the changelog entry

This commit is contained in:
Gilles Peskine 2018-10-05 15:42:52 +02:00
parent 40b57f4acd
commit c5ccd7a1e7

View file

@ -3,10 +3,11 @@ mbed TLS ChangeLog (Sorted per branch, date)
= mbed TLS 2.xx.x branch released xxxx-xx-xx
Security
* Fix a timing variation in RSA PKCS#1 v1.5 decryption that could
lead to a Bleichenbacher-style attack. In TLS, this affects
RSA-based ciphersuites without DHE or ECDHE. Reported by Yuval Yarom,
Eyal Ronen, Adi Shamir, David Wong and Daniel Genkin.
* Fix timing variations and memory access variations in RSA PKCS#1 v1.5
decryption that could lead to a Bleichenbacher-style padding oracle
attack. In TLS, this affects RSA-based ciphersuites without DHE or
ECDHE. Reported by Yuval Yarom, Eyal Ronen, Adi Shamir, David Wong and
Daniel Genkin.
= mbed TLS 2.13.1 branch released 2018-09-06