| Field | Value | Date |
|---|---|---|
| author | Simon Josefsson <simon@josefsson.org> | 2006-09-08 13:45:19 +0000 |
| committer | Simon Josefsson <simon@josefsson.org> | 2006-09-08 13:45:19 +0000 |
| commit | cf484378bc695096b9fda1b3302aecf86f4f146f (patch) | |
| tree | ce4acee2810221b12a9d629665e74f2edb3d3420 | |
| parent | c03f8dfaa3a3e002963160231e50f4693508f918 (diff) | |
| download | gnutls-cf484378bc695096b9fda1b3302aecf86f4f146f.tar.gz | |
Add.
-rw-r--r-- | NEWS | 8 |
1 files changed, 8 insertions, 0 deletions
@@ -5,8 +5,16 @@ See the end for copying conditions. * Version 1.4.3 (unreleased) +** Fix PKCS#1 verification to avoid a variant of Bleichenbacher's +** Crypto 06 rump session attack. +In particular, we check that the digestAlgorithm.parameters field is +empty, to avoid that it can contain "garbage" that may be used to +alter the numeric properties of the signature. Reported by Yutaka +OIWA <y.oiwa@aist.go.jp>. + ** Fix PKCS#1 decryption to avoid Bleichenbacher's Crypto 98 attack. See <http://www.bell-labs.com/user/bleichen/papers/pkcs.ps.gz>. +Reported by Werner Koch <wk@gnupg.org>. ** Fix crash in gnutls_x509_crt_sign2 if passed a NULL issuer_key. |
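Review bot: the new entry says the verifier now checks that digestAlgorithm.parameters is "empty", but it should spell out what is accepted, because the DigestInfo encodings for the MD5 and SHA family carry an explicit ASN.1 NULL in that field while some encoders omit it entirely; rejecting one of those two forms breaks interoperability with correct signers, and accepting arbitrary content there is exactly the weakness the entry describes. Also, this commit changes only NEWS (1 file changed, 8 insertions), so the entry should point at the commit that carries the actual verification code, and the wrapped heading should be a single `** ` line rather than two, e.g. `** Fix PKCS#1 verification to avoid a variant of Bleichenbacher's Crypto 06 rump session attack.`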