update Changelog
This commit is contained in:
parent
4ce7dae59e
commit
2cbf5a2ee5
13
ChangeLog
13
ChangeLog
@ -28,6 +28,19 @@ history is also available from Git.
|
|||||||
|
|
||||||
LibreSSL Portable Release Notes:
|
LibreSSL Portable Release Notes:
|
||||||
|
|
||||||
|
2.4.5 - Security and compatibility fixes
|
||||||
|
|
||||||
|
* Avoid a side-channel cache-timing attack that can leak the ECDSA
|
||||||
|
private keys when signing. This is due to BN_mod_inverse() being
|
||||||
|
used without the constant time flag being set.
|
||||||
|
|
||||||
|
This issue was reported by Cesar Pereida Garcia and Billy Brumley
|
||||||
|
(Tampere University of Technology). The fix was developed by Cesar
|
||||||
|
Pereida Garcia.
|
||||||
|
|
||||||
|
* iOS and MacOS compatibility updates from Simone Basso and Jacob
|
||||||
|
Berkman.
|
||||||
|
|
||||||
2.4.4 - Reliability improvements
|
2.4.4 - Reliability improvements
|
||||||
|
|
||||||
* Avoid continual processing of an unlimited number of TLS records,
|
* Avoid continual processing of an unlimited number of TLS records,
|
||||||
|
Loading…
Reference in New Issue
Block a user