author | Jack Lloyd <[email protected]> | 2017-09-28 11:00:32 -0400
committer | Jack Lloyd <[email protected]> | 2017-09-28 11:00:32 -0400
commit | eadb113289dffbf294f6d499193713b120f79f64 (patch)
tree | 03bd62e273f18d645e1d54d628ebd0551c7ed83c
parent | 95df7f155570949837e8e28e733f3d59408092da (diff)
Update news
-rw-r--r-- | doc/authors.txt (renamed from authors.txt) | 8
-rw-r--r-- | doc/security.rst | 11
-rw-r--r-- | news.rst | 5
3 files changed, 16 insertions, 8 deletions
diff --git a/authors.txt b/doc/authors.txt index ee6a10e9d..2703facbd 100644 --- a/authors.txt +++ b/doc/authors.txt @@ -1,18 +1,10 @@ -The original author and current release manager is - Jack Lloyd - -With extensive and ongoing contributions by several individuals - Daniel Neus (Rohde & Schwarz Cybersecurity) Falko Strenzke (cryptosource GmbH) Juraj Somorovsky (Hackmanit GmbH) Matthias Gierlings (Hackmanit GmbH) René Korthaus (Rohde & Schwarz Cybersecurity) Simon Warta (Kullo GmbH) - -And with many other contributors including - Peter J Jones Justin Karneges Vaclav Ovsik diff --git a/doc/security.rst b/doc/security.rst index 4b755da8d..a36173bc2 100644 --- a/doc/security.rst +++ b/doc/security.rst @@ -18,6 +18,17 @@ https://keybase.io/jacklloyd and on most PGP keyservers. 2017 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ +* 2017-10-02 (CVE-2017-14737): Potential side channel using cache information + + In the Montgomery exponentiation code, a table of precomputed values + is used. An attacker able to analyze which cache lines were accessed + (perhaps via an active attack such as Prime+Probe) could recover + information about the exponent. Identified in "CacheD: Identifying + Cache-Based Timing Channels in Production Software" by Wang, Wang, + Liu, Zhang, and Wu (Usenix Security 2017). + + Fixed in 1.10.17 and 2.3.0, all prior versions affected. + * 2017-07-16: Failure to fully zeroize memory before free The secure_allocator type attempts to zeroize memory before freeing it. Due to @@ -4,6 +4,11 @@ Release Notes Version 2.3.0, Not Yet Released ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ +* Address a side channel affecting modular exponentiation. An attacker + capabable of a local or cross-VM cache analysis attack may be able + to recover bits of secret exponents as used in RSA, DH, etc. + CVE-2017-14737 + * Add the SHACAL2 block cipher, including optimizations using SIMD and SHA-NI instructions. (GH #1151) |
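Review bot: the authors.txt hunk removes the three heading lines ("The original author and current release manager is", "With extensive and ongoing contributions by several individuals", "And with many other contributors including") together with the rename to doc/authors.txt, which leaves the remaining names as an undifferentiated list. If the intent is only to move the file into doc/, keep those headings so a reader can still tell the release manager (whose PGP key doc/security.rst points at) apart from the other contributors, or add a one-line note on roles to the renamed file.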
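Review bot: the new doc/security.rst entry is dated 2017-10-02 while the commit itself is dated 2017-09-28, so confirm that the entry date is the intended public disclosure date rather than a slip. The entry describes the channel (cache-line access pattern over the Montgomery exponentiation precomputation table) and the affected versions, but not what the fix changes; a sentence naming the mitigation would help packagers deciding whether to backport. Since the "Fixed in 1.10.17 and 2.3.0" line also promises a 1.10.17 release, make sure that branch's release notes carry the same CVE-2017-14737 reference.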
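Review bot: typo in the news.rst hunk: "capabable" should be "capable" in "+ capabable of a local or cross-VM cache analysis attack may be able". The CVE identifier is also left on its own line, unlike the "(GH #1151)" reference style of the neighbouring SHACAL2 entry; closing the sentence with "(CVE-2017-14737)" would keep the release notes consistent and make the identifier easier to grep for.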