openssl - Mirror of https://github.com/openssl/openssl

diff options

author	Dmitry Belyavsky <beldmit@gmail.com>	2016-09-19 16:05:53 +0100
committer	Matt Caswell <matt@openssl.org>	2016-09-22 09:22:05 +0100
commit	92c8d6ae0d741fdca3b72baf627d16908dae64ce (patch)
tree	04ddd43ab342d57bde9868a5e12c8e6ca6398945 /NEWS
parent	38f59bd1f1da9f5ef67044b35af26528e5b183dd (diff)

Avoid KCI attack for GOST

Russian GOST ciphersuites are vulnerable to the KCI attack because they use long-term keys to establish the connection when ssl client authorization is on. This change brings the GOST implementation into line with the latest specs in order to avoid the attack. It should not break backwards compatibility. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>

Diffstat (limited to 'NEWS')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: