Diffstat (limited to 'ChangeLog.d/ssl-mac-zeroize.txt')
-rw-r--r-- | ChangeLog.d/ssl-mac-zeroize.txt | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/ChangeLog.d/ssl-mac-zeroize.txt b/ChangeLog.d/ssl-mac-zeroize.txt new file mode 100644 index 0000000..b49c7ac --- /dev/null +++ b/ChangeLog.d/ssl-mac-zeroize.txt @@ -0,0 +1,5 @@ +Security + * Zeroize intermediate variables used to calculate the MAC in CBC cipher + suites. This hardens the library in case stack memory leaks through a + memory disclosure vulnerabilty, which could formerly have allowed a + man-in-the-middle to inject fake ciphertext into a DTLS connection. |
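Review bot: "vulnerabilty" in the fourth added line is misspelled and should read "memory disclosure vulnerability"; this is a user-facing changelog entry, so the typo is worth fixing before merge. The entry also scopes the hardening to "CBC cipher suites" but describes the impact only for "a DTLS connection"; consider stating whether TLS connections are affected as well, so readers can judge their exposure from the entry alone.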