commit | 25e39d38bd295eef1c5cac5976afee2dcf265517 | [log] [tgz] |
---|---|---|
author | Hanno Becker <hanno.becker@arm.com> | Thu Oct 19 10:10:18 2017 +0100 |
committer | Hanno Becker <hanno.becker@arm.com> | Wed Oct 25 15:46:31 2017 +0100 |
tree | 93b59c1fd2d9cc8cb8bd4f5d5ef5a9e0ebaa3eac | |
parent | cf873f74d40690e1c76ade0b6dadf228bc71d398 [diff] [blame] |
Add ChangeLog message for EC private exponent information leak
diff --git a/ChangeLog b/ChangeLog index 55e8cf1..4e919c9 100644 --- a/ChangeLog +++ b/ChangeLog
@@ -8,6 +8,8 @@ and omitted for the sake of saving memory, but potentially leading to slight timing differences. Reported by Marco Macchetti, Kudelski Group. + * Wipe stack buffer temporarily holding EC private exponent + after keypair generation. Bugfix * Fix ssl_parse_record_header() to silently discard invalid DTLS records