===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/65.html,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -r1.12 -r1.13
--- www/65.html 2018/12/12 17:12:51 1.12
+++ www/65.html 2018/12/14 10:10:35 1.13
@@ -147,10 +147,12 @@
Bug Fixes
-
- Fix timing vulnerability in ECDSA signature generation (CVE-2018-0735).
+ Improved protection against timing side channels in ECDSA signature
+ generation.
-
- Fix for Portsmash vulnerability originally by Brumley, ul Hassan and
- Tuveri.
+ Coordinate blinding was added to to some elliptic curves.
+ This is the last bit of the work by Brumley et al. to protect against
+ the Portsmash vulnerability.
-
Ensure transcript handshake is always freed with TLS 1.2.
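Review bot: the added line "Coordinate blinding was added to to some elliptic curves." has a doubled "to" and should read "added to some elliptic curves". The rewritten ECDSA entry also drops the CVE-2018-0735 identifier that the removed line carried. If the entry still covers that issue, keep the CVE number in the new wording so readers can match this release note against advisories. "some elliptic curves" is vague; naming the curves that received coordinate blinding would tell users whether the curves they rely on are covered.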