diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2014-03-12 14:16:19 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2014-03-12 14:16:19 +0000 |
commit | 2198be3483259de374f91e57d247d0fc667aef29 (patch) | |
tree | 4f90995bbbd9f9a676314b1c35b4f8f72084dad9 /CHANGES | |
parent | 6fe498497c38378df332e7938ebcc60686de4c91 (diff) |
Fix for CVE-2014-0076
Fix for the attack described in the paper "Recovering OpenSSL
ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack"
by Yuval Yarom and Naomi Benger. Details can be obtained from:
http://eprint.iacr.org/2014/140
Thanks to Yuval Yarom and Naomi Benger for discovering this
flaw and to Yuval Yarom for supplying a fix.
Diffstat (limited to 'CHANGES')
-rw-r--r-- | CHANGES | 9 |
1 files changed, 8 insertions, 1 deletions
@@ -4,7 +4,14 @@ Changes between 1.0.0l and 1.0.0m [xx XXX xxxx] - *) + *) Fix for the attack described in the paper "Recovering OpenSSL + ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack" + by Yuval Yarom and Naomi Benger. Details can be obtained from: + http://eprint.iacr.org/2014/140 + + Thanks to Yuval Yarom and Naomi Benger for discovering this + flaw and to Yuval Yarom for supplying a fix (CVE-2014-0076) + [Yuval Yarom and Naomi Benger] Changes between 1.0.0k and 1.0.0l [6 Jan 2014] |