Add ChangeLog message for EC private exponent information leak

commit: 25e39d38bd295eef1c5cac5976afee2dcf265517 [log] [tgz]
author: Hanno Becker <hanno.becker@arm.com> Thu Oct 19 10:10:18 2017 +0100
committer: Hanno Becker <hanno.becker@arm.com> Wed Oct 25 15:46:31 2017 +0100
tree: 93b59c1fd2d9cc8cb8bd4f5d5ef5a9e0ebaa3eac
parent: cf873f74d40690e1c76ade0b6dadf228bc71d398 [diff] [blame]
diff --git a/ChangeLog b/ChangeLog
index 55e8cf1..4e919c9 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -8,6 +8,8 @@
      and omitted for the sake of saving memory, but potentially
      leading to slight timing differences.
      Reported by Marco Macchetti, Kudelski Group.
+   * Wipe stack buffer temporarily holding EC private exponent
+     after keypair generation.
 
 Bugfix
    * Fix ssl_parse_record_header() to silently discard invalid DTLS records
commit	25e39d38bd295eef1c5cac5976afee2dcf265517	[log] [tgz]
author	Hanno Becker <hanno.becker@arm.com>	Thu Oct 19 10:10:18 2017 +0100
committer	Hanno Becker <hanno.becker@arm.com>	Wed Oct 25 15:46:31 2017 +0100
tree	93b59c1fd2d9cc8cb8bd4f5d5ef5a9e0ebaa3eac
parent	cf873f74d40690e1c76ade0b6dadf228bc71d398 [diff] [blame]