| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2018-07-07 19:49:45 +0200 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2018-07-07 19:49:45 +0200 |
| commit | b4fc72e21e191ff4f037696d2e66b4fff36d509a (patch) | |
| tree | a0b6765e8b10b3e097c4ea2bba652184a811ef55 | |
| parent | 1c85149bac617f7fd77df60caf606c6cf21fc1c9 (diff) | |
| download | gnutls-b4fc72e21e191ff4f037696d2e66b4fff36d509a.tar.gz | |
doc update [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
-rw-r--r-- | NEWS | 7 |
1 files changed, 5 insertions, 2 deletions
@@ -13,8 +13,11 @@ See the end for copying conditions. ** libgnutls: Corrected infinite loop when an incorrect PIN was provided via pin-value or pin-source. -** Improved counter-measures for TLS CBC record padding, when encrypt-then-MAC - mode is not used. +** Improved counter-measures for TLS CBC record padding. Kenny Paterson, Eyal Ronen + and Adi Shamir reported that the existing counter-measures had certain issues and + were insufficient under a new Lucky13-type of attack which shares the cache and + chosen-plaintext. This affected the legacy CBC ciphersuites when the encrypt-then-MAC + TLS feature was not supported by the peer. ** The ciphers utilizing HMAC-SHA384 and SHA256 have been removed from the default priority strings. They are not necessary for compatibility or other purpose and |
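Review bot: the phrase "a new Lucky13-type of attack which shares the cache and chosen-plaintext" in the added NEWS paragraph does not parse; it is the attacker, not the attack, that shares a cache with the victim, and the chosen plaintext is something the attacker supplies. Suggest "a new Lucky13-type attack in which the attacker shares a cache with the victim and can supply chosen plaintext". The final added sentence also changes the condition from the removed "when encrypt-then-MAC mode is not used" to "when the encrypt-then-MAC TLS feature was not supported by the peer"; if that narrowing is intentional, say so explicitly, otherwise keep the original wording so readers who negotiate without EtM for other reasons are not misled. A NEWS entry that credits reporters should also point at the advisory or paper so readers can cross-check the affected configurations.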