mirror of
https://github.com/yuzu-emu/mbedtls
synced 2024-11-24 04:28:41 +00:00
Add ChangeLog entry
This commit is contained in:
parent
e25f1ee44d
commit
d71f31bfb7
1 changed files with 6 additions and 0 deletions
|
@ -2,6 +2,12 @@ mbed TLS ChangeLog (Sorted per branch, date)
|
|||
|
||||
= mbed TLS 2.16.x branch released xxxx-xx-xx
|
||||
|
||||
Security
|
||||
* Fix side channel vulnerability in ECDSA key generation. Obtaining precise
|
||||
timings on the comparison in the key generation enabled the attacker to
|
||||
learn leading bits of the ephemeral key used during ECDSA signatures and to
|
||||
recover the private key. Reported by Jeremy Dubeuf.
|
||||
|
||||
Bugfix
|
||||
* Remove redundant line for getting the bitlen of a bignum, since the variable
|
||||
holding the returned value is overwritten a line after.
|
||||
|
|
Loading…
Reference in a new issue