mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-03-03 19:13:39 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Update changelog text

Browse Source 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
This commit is contained in:
Dave Rodgman 2023-09-22 16:33:12 +01:00
parent c3cb97896b
commit d162c662b0
1 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
ChangeLog.d/padding-ct-changelog.txt
View File

@ -1,6 +1,6 @@
Security
* Fix non-constant-time behaviour in padding calculations in CBC
decryption, NIST SP 800-38F key wrapping, and RSAAES-OAEP decryption.
For CBC and RSAAES-OAEP, this may have been exploitable in a
padding oracle for a privileged local attacker with the ability to
observe memory access timings.
* Improve padding calculations in CBC decryption, NIST key unwrapping and
RSA OAEP decryption. With the previous implementation, some compilers
(notably recent versions of Clang) could produce non-constant time code,
which could allow a padding oracle attack if the attacker has access to
precise timing measurements.