From: Nicola Tuveri <nic.tuv@gmail.com>
Date: Tue, 19 Jun 2018 13:55:29 +0000 (+0300)
Subject: [fixup] Add CHANGES entry
X-Git-Tag: OpenSSL_1_1_1-pre9~261
X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=379f846387348b1090054b56f1d31cdbcbd64196

[fixup] Add CHANGES entry

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6116)
---

diff --git a/CHANGES b/CHANGES
index 4dc065923c..8b4a8bbe10 100644
--- a/CHANGES
+++ b/CHANGES
@@ -8,6 +8,13 @@
  release branch.
 
  Changes between 1.1.0h and 1.1.1 [xx XXX xxxx]
+  *) Make ec_group_do_inverse_ord() more robust and available to other
+     EC cryptosystems, so that irrespective of BN_FLG_CONSTTIME, SCA
+     mitigations are applied to the fallback BN_mod_inverse().
+     When using this function rather than BN_mod_inverse() directly, new
+     EC cryptosystem implementations are then safer-by-default.
+     [Billy Bob Brumley]
+
   *) Add coordinate blinding for EC_POINT and implement projective
      coordinate blinding for generic prime curves as a countermeasure to
      chosen point SCA attacks.