version 1.12, 2018/12/12 17:12:51 |
version 1.13, 2018/12/14 10:10:35 |
|
|
<li>Bug Fixes |
<li>Bug Fixes |
<ul> |
<ul> |
<li> |
<li> |
Fix timing vulnerability in ECDSA signature generation (CVE-2018-0735). |
Improved protection against timing side channels in ECDSA signature |
|
generation. |
<li> |
<li> |
Fix for Portsmash vulnerability originally by Brumley, ul Hassan and |
Coordinate blinding was added to to some elliptic curves. |
Tuveri. |
This is the last bit of the work by Brumley et al. to protect against |
|
the Portsmash vulnerability. |
<li> |
<li> |
Ensure transcript handshake is always freed with TLS 1.2. |
Ensure transcript handshake is always freed with TLS 1.2. |
</ul> |
</ul> |
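Review bot: In the 1.13 text of the second item, "Coordinate blinding was added to to some elliptic curves." has a doubled "to" and should read "added to some elliptic curves". The reworded first item also drops the CVE-2018-0735 reference that the 1.12 text carried. If the entry still describes that fix, keep the identifier so readers can match this release to the advisory. "Some elliptic curves" is vague for a side-channel fix: naming the curves that received coordinate blinding would let users tell whether the curves they deploy are covered.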