aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJack Lloyd <[email protected]>2018-06-14 11:39:23 -0400
committerJack Lloyd <[email protected]>2018-06-14 11:39:23 -0400
commit9d90181c2421cebed1b2b43d5a80f537bec5b977 (patch)
tree87bb82ef3925ba4c14d44e27b7ac681f8b8d1716
parent071d6a9560365fd13dd68af66e84e80b3d7d7e37 (diff)
Update news [ci skip]
-rw-r--r--news.rst4
1 files changed, 4 insertions, 0 deletions
diff --git a/news.rst b/news.rst
index 18df007c9..e1e9692b6 100644
--- a/news.rst
+++ b/news.rst
@@ -4,6 +4,8 @@ Release Notes
Version 2.7.0, Not Yet Released
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+* CVE-2018-0495 Avoid a side channel in ECDSA signature generation (GH #1604)
+
* Avoid a side channel in RSA key generation due to use of a non-constant time
gcd algorithm. (GH #1542 #1556)
@@ -41,6 +43,8 @@ Version 2.7.0, Not Yet Released
* Correct an error that could in rare cases cause an internal error exception
when doing computations with the P-224 curve.
+* Reduce allocations/copies during BER decoding (GH #1600)
+
* Botan generates X.509 subject key IDs by hashing the public key with
whatever hash function is being used to sign the certificate. However
especially for SHA-512 this caused SKIDs that were far longer than