Update 1.11.35 relnotes [ci skip]

author: Jack Lloyd <[email protected]> 2016-12-11 14:05:26 -0500
committer: Jack Lloyd <[email protected]> 2016-12-11 14:05:26 -0500
commit: 47553063c58f7b34aa477f2820d8ff1e2414e997 (patch)
tree: cbf29fad7d2bc4b2c01493babbc389cdca02c9ab
parent: 60fe514a6b2990728cfa22e24dc340629024a6cd (diff)
1 files changed, 6 insertions, 2 deletions
diff --git a/news.rst b/news.rst
index 211d39abe..396164068 100644
--- a/news.rst
+++ b/news.rst
@@ -11,8 +11,12 @@ Version 1.11.35, Not Yet Released
 * Allow use of custom extensions when creating X.509 certificates
   (GH #744)
 
-* Add signature padding schemes from ISO 9796-2 providing message recovery.
-  (GH #759)
+* Add ISO 9796-2 signature padding schemes DS2 and DS3. These schemes provide message recovery
+  (part or all of the plaintext message can be recovered from the signature alone) and are
+  used by some industry protocols. (GH #759)
+
+* Rewrite all the code that handles parsing CBC padding bytes to run
+  without conditional jumps or loads. (GH #765 #728)
 
 * Fix deref of invalid memory location in TLS client when the server chooses a
   ciphersuite value larger than the largest TLS ciphersuite ID compiled into the
author	Jack Lloyd <[email protected]>	2016-12-11 14:05:26 -0500
committer	Jack Lloyd <[email protected]>	2016-12-11 14:05:26 -0500
commit	47553063c58f7b34aa477f2820d8ff1e2414e997 (patch)
tree	cbf29fad7d2bc4b2c01493babbc389cdca02c9ab
parent	60fe514a6b2990728cfa22e24dc340629024a6cd (diff)