projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
SCA hardening for mod. field inversion in EC_GROUP
[openssl.git] / CHANGES
diff --git a/CHANGES b/CHANGES
index b810a1293619ba835654a7277f3464d630707144..d0b6fd7f2f1f0c1b4185890362df31a2e100fe3e 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -9,6 +9,16 @@
 
  Changes between 1.1.0j and 1.1.0k [xx XXX xxxx]
 
+  *) Added SCA hardening for modular field inversion in EC_GROUP through
+     a new dedicated field_inv() pointer in EC_METHOD.
+     This also addresses a leakage affecting conversions from projective
+     to affine coordinates.
+     [Billy Bob Brumley, Nicola Tuveri]
+
+  *) Fix a use after free bug in d2i_X509_PUBKEY when overwriting a
+     re-used X509_PUBKEY object if the second PUBKEY is malformed.
+     [Bernd Edlinger]
+
   *) Move strictness check from EVP_PKEY_asn1_new() to EVP_PKEY_asn1_add0().
      [Richard Levitte]
 
Unnamed repository; edit this file 'description' to name the repository.