diff options
Diffstat (limited to 'doc/security.rst')
| -rw-r--r-- | doc/security.rst | 5 |
1 files changed, 2 insertions, 3 deletions
diff --git a/doc/security.rst b/doc/security.rst index cd84997cc..07292132a 100644 --- a/doc/security.rst +++ b/doc/security.rst @@ -18,13 +18,12 @@ https://keybase.io/jacklloyd and on most PGP keyservers. 2018 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -* 2018-06-13 (CVE-2018-0495): ECDSA side channel +* 2018-06-13 (CVE-2018-12435): ECDSA side channel A side channel in the ECDSA signature operation could allow a local attacker to recover the secret key. Found by Keegan Ryan of NCC Group. - Fixed in 2.7.0. Due to a slight difference in code structure, versions before - 2.5.0 are not affected by this issue. + Bug introduced in 2.5.0, fixed in 2.7.0. The 1.10 branch is not affected. * 2018-04-10 (CVE-2018-9860): Memory overread in TLS CBC decryption |