aboutsummaryrefslogtreecommitdiffstats
path: root/doc/security.rst
diff options
context:
space:
mode:
authorJack Lloyd <[email protected]>2016-11-28 06:23:50 -0500
committerJack Lloyd <[email protected]>2016-11-28 06:23:50 -0500
commit9a8ec147287ab07fac3ee3d918f508da920c30c8 (patch)
tree5ee0a70810fbf3615728621a93dbc8b73b706203 /doc/security.rst
parentb816a3652c1359028f59d64a2f742564547ab782 (diff)
Note range of versions affected by CVE-2016-9132
[ci skip]
Diffstat (limited to 'doc/security.rst')
-rw-r--r--doc/security.rst2
1 files changed, 2 insertions, 0 deletions
diff --git a/doc/security.rst b/doc/security.rst
index a2dc6f248..e7e665a62 100644
--- a/doc/security.rst
+++ b/doc/security.rst
@@ -30,6 +30,8 @@ Advisories
cause an overflow on 64-bit the parsed data would have to be many gigabytes.
Bug found by Falko Strenzke, cryptosource GmbH.
+ Fixed in 1.10.14 and 1.11.34, all prior versions affected.
+
* 2016-10-26 (CVE-2016-8871) OAEP side channel
A side channel in OAEP decoding could be used to distinguish RSA ciphertexts