projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
add 'unsupported cipher mode' diagnostics to evp_lib.c and genpkey.c
[openssl.git] / CHANGES
diff --git a/CHANGES b/CHANGES
index 612da599b1bea4469fb1860b32889f29fd8712a8..fe3e13aa0d8e792b51e8a11a0fffc40a335b8829 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -8,6 +8,14 @@
  release branch.
 
  Changes between 1.1.0h and 1.1.1 [xx XXX xxxx]
+  *) Add blinding to an ECDSA signature to protect against side channel attacks
+     discovered by Keegan Ryan (NCC Group).
+     [Matt Caswell]
+
+  *) Enforce checking in the pkeyutl command line app to ensure that the input
+     length does not exceed the maximum supported digest length when performing
+     a sign, verify or verifyrecover operation.
+     [Matt Caswell]
 
   *) SSL_MODE_AUTO_RETRY is enabled by default. Applications that use blocking
      I/O in combination with something like select() or poll() will hang. This
Unnamed repository; edit this file 'description' to name the repository.