diff options
| author | Jack Lloyd <[email protected]> | 2016-11-28 06:23:50 -0500 |
|---|---|---|
| committer | Jack Lloyd <[email protected]> | 2016-11-28 06:23:50 -0500 |
| commit | 9a8ec147287ab07fac3ee3d918f508da920c30c8 (patch) | |
| tree | 5ee0a70810fbf3615728621a93dbc8b73b706203 /doc | |
| parent | b816a3652c1359028f59d64a2f742564547ab782 (diff) | |
Note range of versions affected by CVE-2016-9132
[ci skip]
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/security.rst | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/doc/security.rst b/doc/security.rst index a2dc6f248..e7e665a62 100644 --- a/doc/security.rst +++ b/doc/security.rst @@ -30,6 +30,8 @@ Advisories cause an overflow on 64-bit the parsed data would have to be many gigabytes. Bug found by Falko Strenzke, cryptosource GmbH. + Fixed in 1.10.14 and 1.11.34, all prior versions affected. + * 2016-10-26 (CVE-2016-8871) OAEP side channel A side channel in OAEP decoding could be used to distinguish RSA ciphertexts |