diff options
author | Jack Lloyd <[email protected]> | 2016-04-23 07:19:47 -0400 |
---|---|---|
committer | Jack Lloyd <[email protected]> | 2016-04-23 07:19:47 -0400 |
commit | 9404bddb4d86ac79befa7b17a3ba8e7a5512a765 (patch) | |
tree | a6d32a3a35530aa012fee39ce8224fc3b2a9d077 /doc/news.rst | |
parent | f645c0113fe1b1b3233186f081651e8adbe50fc0 (diff) |
Update for 1.10.13 release
Diffstat (limited to 'doc/news.rst')
-rw-r--r-- | doc/news.rst | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/doc/news.rst b/doc/news.rst index b1a04302a..fe6b5c4b7 100644 --- a/doc/news.rst +++ b/doc/news.rst @@ -23,6 +23,18 @@ Version 1.11.30, Not Yet Released caused incorrect computation when the plaintext or AAD was exactly a multiple of 16 bytes. +Version 1.10.13, 2016-04-23 +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +* Use constant time modular inverse algorithm to avoid possible + side channel attack against ECDSA (CVE-2016-2849) + +* Use constant time PKCS #1 unpadding to avoid possible side channel + attack against RSA decryption (CVE-2015-7827) + +* Avoid a compilation problem in OpenSSL engine when ECDSA was + disabled. Gentoo bug 542010 + Version 1.11.29, 2016-03-20 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ |