Fix potential timing issue in RSA pms handling

commit: 6674cce892f61d6114eb3340f1b8dfb092a66f78 [log] [tgz]
author: Manuel Pégourié-Gonnard <mpg@elzevir.fr> Fri Feb 06 10:30:58 2015 +0000
committer: Manuel Pégourié-Gonnard <mpg@elzevir.fr> Fri Feb 06 11:36:56 2015 +0000
tree: ba01ad2ff105aa2b0dbfebea62f0f872c4021541
parent: 555fbf875806a12eaf702a99431627977c59c08f [diff] [blame]
diff --git a/ChangeLog b/ChangeLog
index 9fadf1f..bb7dfb1 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -18,6 +18,9 @@
    * Fix potential stack overflow while parsing crafted X.509 certificates
      (TLS server is not affected if it doesn't ask for a client certificate)
      (found using Codenomicon Defensics).
+   * Fix timing difference that could theoretically lead to a
+     Bleichenbacher-style attack in the RSA and RSA-PSK key exchanges
+     (reported by Sebastian Schinzel).
 
 Features
    * Add support for FALLBACK_SCSV (draft-ietf-tls-downgrade-scsv).
commit	6674cce892f61d6114eb3340f1b8dfb092a66f78	[log] [tgz]
author	Manuel Pégourié-Gonnard <mpg@elzevir.fr>	Fri Feb 06 10:30:58 2015 +0000
committer	Manuel Pégourié-Gonnard <mpg@elzevir.fr>	Fri Feb 06 11:36:56 2015 +0000
tree	ba01ad2ff105aa2b0dbfebea62f0f872c4021541
parent	555fbf875806a12eaf702a99431627977c59c08f [diff] [blame]