aboutsummaryrefslogtreecommitdiffstats
path: root/news.rst
diff options
context:
space:
mode:
authorJack Lloyd <[email protected]>2018-04-10 09:17:29 -0400
committerJack Lloyd <[email protected]>2018-04-10 09:17:29 -0400
commitd7d080992372cf4fbd569cce1d8cd6aa7599fa0d (patch)
tree661ccfa11387ed50342c5e61f50c66a2db04f93a /news.rst
parent7ea78896c75f4c45f26175931cd08a555974f29d (diff)
Update for 2.6.0 release2.6.0
Diffstat (limited to 'news.rst')
-rw-r--r--news.rst8
1 files changed, 7 insertions, 1 deletions
diff --git a/news.rst b/news.rst
index 73f691462..29eae9cff 100644
--- a/news.rst
+++ b/news.rst
@@ -1,9 +1,15 @@
Release Notes
========================================
-Version 2.6.0, Not Yet Released
+Version 2.6.0, 2018-04-10
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+* CVE-2018-9860 Fix a bug decrypting TLS CBC ciphertexts which could
+ for a malformed ciphertext cause the decryptor to read and HMAC an
+ additional 64K bytes of data which is not part of the record. This
+ could cause a crash if the read went into unmapped memory. No
+ information leak or out of bounds write occurs.
+
* Add support for OAEP labels (GH #1508)
* RSA signing is about 15% faster (GH #1523) and RSA verification is