aboutsummaryrefslogtreecommitdiffstats
path: root/doc/security.rst
Commit message (Collapse)AuthorAgeFilesLines
* Note range of versions affected by CVE-2016-9132Jack Lloyd2016-11-281-0/+2
| | | | [ci skip]
* Update newsJack Lloyd2016-11-281-1/+1
|
* Check for overflow in BER decoder EOC scanningJack Lloyd2016-11-271-1/+10
|
* Fix Sphinx formatting errorsJack Lloyd2016-11-061-3/+5
| | | | [ci skip]
* Fix ReST formatting [ci skip]Jack Lloyd2016-10-261-1/+1
|
* Final changes for 1.11.33 release1.11.33Jack Lloyd2016-10-261-0/+14
|
* Update my email address and PGP keysJack Lloyd2016-10-251-2/+2
| | | | | | | [email protected] is still a valid email address for me but I am using [email protected] going forward. [ci skip]
* Update for 1.11.31 release1.11.31Jack Lloyd2016-08-301-0/+18
|
* Doc updatesJack Lloyd2016-04-281-2/+2
| | | | [ci skip]
* Release 1.11.291.11.29Jack Lloyd2016-03-201-2/+25
|
* Update news for 1.11.27 release1.11.27Jack Lloyd2016-02-011-3/+5
|
* Fix heap overflow in ECC point multiplicationJack Lloyd2016-02-011-1/+34
| | | | | | | | | | | | | | If affine coordinates larger than the prime modulus were given, a later multiplication could overflow the size of an allocated output buffer, which was sized based on the size of the prime. This will cause an overflow into either the system heap or if the mlock/mmap pool allocator is in use, then into the adjacent key material stored in the pool. Reported by Alex Gaynor who found it with AFL Also fix a one word overwrite in P-521 reduction. Found with AFL
* Fix (nearly) infinite loop in RESSOL (modular square root).Jack Lloyd2016-02-011-0/+13
| | | | | | | It first computed the first i for q**(2**i) == 1, then checked that i was smaller than s. Given a composite modulus (for which the algorithm does not work), the loop might do a very large amount of work before returning the failure.
* Update for 1.11.24 release1.11.24Jack Lloyd2015-11-041-0/+11
|
* 1.11.22 release1.11.22Jack Lloyd2015-10-261-4/+63
|
* Add security notifications/advisory page to website.Jack Lloyd2015-10-151-0/+51
Based on GH #272
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-14 13:29:13 +0000