aboutsummaryrefslogtreecommitdiffstats
path: root/doc
diff options
context:
space:
mode:
authorlloyd <[email protected]>2013-12-06 21:14:55 +0000
committerlloyd <[email protected]>2013-12-06 21:14:55 +0000
commitc29e711dcebbfeeed813bd211d0090a2f00e4b38 (patch)
treef41066a2f63c7ca99438f4bb711a0c2117d4e64c /doc
parent37609eba0f730fdcb0daf84d5f9c239b27fb010c (diff)
Fix OAEP key size check during encoding, and an array over-read when
decoding a message that was so large we decided it was invalid and truncated it.
Diffstat (limited to 'doc')
-rw-r--r--doc/relnotes/1_11_6.rst5
1 files changed, 5 insertions, 0 deletions
diff --git a/doc/relnotes/1_11_6.rst b/doc/relnotes/1_11_6.rst
index b51339791..79b2dca2e 100644
--- a/doc/relnotes/1_11_6.rst
+++ b/doc/relnotes/1_11_6.rst
@@ -1,6 +1,11 @@
Version 1.11.6, Not Yet Released
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+* OAEP had two bugs, one of which allowed it to be used even if the
+ key was too small, and the other of which would cause a crash during
+ decoding if the input was too large to have been created for the
+ associated key.
+
* Botan now requires Boost, specifically the filesystem and asio libraries.
* The default TLS policy no longer includes RC4 in the cipher list.