diff options
author | lloyd <[email protected]> | 2013-12-06 21:14:55 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2013-12-06 21:14:55 +0000 |
commit | c29e711dcebbfeeed813bd211d0090a2f00e4b38 (patch) | |
tree | f41066a2f63c7ca99438f4bb711a0c2117d4e64c /doc | |
parent | 37609eba0f730fdcb0daf84d5f9c239b27fb010c (diff) |
Fix OAEP key size check during encoding, and an array over-read when
decoding a message that was so large we decided it was invalid and
truncated it.
Diffstat (limited to 'doc')
-rw-r--r-- | doc/relnotes/1_11_6.rst | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/doc/relnotes/1_11_6.rst b/doc/relnotes/1_11_6.rst index b51339791..79b2dca2e 100644 --- a/doc/relnotes/1_11_6.rst +++ b/doc/relnotes/1_11_6.rst @@ -1,6 +1,11 @@ Version 1.11.6, Not Yet Released ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ +* OAEP had two bugs, one of which allowed it to be used even if the + key was too small, and the other of which would cause a crash during + decoding if the input was too large to have been created for the + associated key. + * Botan now requires Boost, specifically the filesystem and asio libraries. * The default TLS policy no longer includes RC4 in the cipher list. |