diff options
author | Jack Lloyd <[email protected]> | 2018-04-10 09:17:29 -0400 |
---|---|---|
committer | Jack Lloyd <[email protected]> | 2018-04-10 09:17:29 -0400 |
commit | d7d080992372cf4fbd569cce1d8cd6aa7599fa0d (patch) | |
tree | 661ccfa11387ed50342c5e61f50c66a2db04f93a /news.rst | |
parent | 7ea78896c75f4c45f26175931cd08a555974f29d (diff) |
Update for 2.6.0 release2.6.0
Diffstat (limited to 'news.rst')
-rw-r--r-- | news.rst | 8 |
1 files changed, 7 insertions, 1 deletions
@@ -1,9 +1,15 @@ Release Notes ======================================== -Version 2.6.0, Not Yet Released +Version 2.6.0, 2018-04-10 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ +* CVE-2018-9860 Fix a bug decrypting TLS CBC ciphertexts which could + for a malformed ciphertext cause the decryptor to read and HMAC an + additional 64K bytes of data which is not part of the record. This + could cause a crash if the read went into unmapped memory. No + information leak or out of bounds write occurs. + * Add support for OAEP labels (GH #1508) * RSA signing is about 15% faster (GH #1523) and RSA verification is |