From b79aa05e3babdbab92c6356f6e51f7bb43c41576 Mon Sep 17 00:00:00 2001
From: "Mark J. Cox" <mark@openssl.org>
Date: Tue, 5 Sep 2006 08:58:03 +0000
Subject: Avoid PKCS #1 v1.5 signature attack discovered by Daniel
 Bleichenbacher (CVE-2006-4339)

Submitted by: Ben Laurie, Google Security Team
Reviewed by: bmoeller, mjc, shenson
---
 CHANGES | 17 +++++++++++++++--
 1 file changed, 15 insertions(+), 2 deletions(-)

(limited to 'CHANGES')

diff --git a/CHANGES b/CHANGES
index 36f46eb159..639b2323fc 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,9 @@
 
  Changes between 0.9.8b and 0.9.9  [xx XXX xxxx]
 
+  *) Avoid PKCS #1 v1.5 signature attack discovered by Daniel Bleichenbacher
+     (CVE-2006-4339)  [Ben Laurie and Google Security Team]
+
   *) Allow multiple CRLs to exist in an X509_STORE with matching issuer names.
      Modify get_crl() to find a valid (unexpired) CRL if possible.
      [Steve Henson]
@@ -377,7 +380,12 @@
   *) Change 'Configure' script to enable Camellia by default.
      [NTT]
 
- Changes between 0.9.8b and 0.9.8c  [xx XXX xxxx]
+ Changes between 0.9.8c and 0.9.8d  [xx XXX xxxx]
+
+ Changes between 0.9.8b and 0.9.8c  [05 Sep 2006]
+
+  *) Avoid PKCS #1 v1.5 signature attack discovered by Daniel Bleichenbacher
+     (CVE-2006-4339)  [Ben Laurie and Google Security Team]
 
   *) Add AES IGE and biIGE modes.
      [Ben Laurie]
@@ -1335,7 +1343,12 @@
      differing sizes.
      [Richard Levitte]
 
- Changes between 0.9.7j and 0.9.7k  [xx XXX xxxx]
+ Changes between 0.9.7k and 0.9.7l  [xx XXX xxxx]
+
+ Changes between 0.9.7j and 0.9.7k  [05 Sep 2006]
+
+  *) Avoid PKCS #1 v1.5 signature attack discovered by Daniel Bleichenbacher
+     (CVE-2006-4339)  [Ben Laurie and Google Security Team]
 
   *) Change the Unix randomness entropy gathering to use poll() when
      possible instead of select(), since the latter has some
-- 
cgit v1.2.3