github.com/openssl/openssl.git
author: Bodo Möller <bodo@openssl.org>, 2003-03-19 22:19:58 +0300
committer: Bodo Möller <bodo@openssl.org>, 2003-03-19 22:19:58 +0300
commit: 409a5de586858776a5dfc12be3184983d6a7c3e7
tree: 2aede7b6b712f8611b368817dc0adbeb3dded20c /CHANGES
parent: 84b1e84af13ac935c554eb9466c0b299f675ab8a
countermeasure against new Klima-Pokorny-Rosa attack
Diffstat (limited to 'CHANGES')
-rw-r--r-- CHANGES 6
1 files changed, 6 insertions, 0 deletions
diff --git a/CHANGES b/CHANGES
index 73ca1e18a5..ee000a3da6 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,12 @@
Changes between 0.9.7a and 0.9.7b [xx XXX 2003]
+ *) Countermeasure against the Klima-Pokorny-Rosa extension of
+ Bleichbacher's attack on PKCS #1 v1.5 padding: treat
+ a protocol version number mismatch like a decryption error
+ in ssl3_get_client_key_exchange (ssl/s3_srvr.c).
+ [Bodo Moeller]
+
*) Turn on RSA blinding by default in the default implementation
to avoid a timing attack. Applications that don't want it can call
RSA_blinding_off() or use the new flag RSA_FLAG_NO_BLINDING.
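Review bot: "Bleichbacher's" in the second line of the new CHANGES entry is misspelt; the name is Bleichenbacher, and anyone searching the changelog for the attack by name will miss this entry. The entry also leaves "like a decryption error" undefined: since the fix is that a protocol version number mismatch in ssl3_get_client_key_exchange is handled the same way as a failed PKCS #1 v1.5 decryption, one added clause saying that both cases now take the same path would tell readers what behaviour changed without having to open ssl/s3_srvr.c.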