author | Dave Rodgman <dave.rodgman@arm.com> | 2023-09-28 11:34:07 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-09-28 11:34:07 +0100 |
commit | 3a098e90902a1c4922490b16d45ee882636a8d38 (patch) | |
tree | 1aacc087b31b59354476c85b755d759163da4303 | |
parent | 641250f42bae87377a0e57f5b14925d118694827 (diff) | |
parent | e614129895c8f3d27db24cc5ee72ceb72c0e0e7f (diff) | |
download | mbedtls-3a098e90902a1c4922490b16d45ee882636a8d38.tar.gz |
Merge pull request #1084 from daverodgman/update-ct-changelog
Update padding const-time fix changelog
-rw-r--r-- | ChangeLog.d/padding-ct-changelog.txt | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/ChangeLog.d/padding-ct-changelog.txt b/ChangeLog.d/padding-ct-changelog.txt index e3d3424a9..3e2c7e2e8 100644 --- a/ChangeLog.d/padding-ct-changelog.txt +++ b/ChangeLog.d/padding-ct-changelog.txt @@ -1,6 +1,6 @@ Security * Improve padding calculations in CBC decryption, NIST key unwrapping and RSA OAEP decryption. With the previous implementation, some compilers - (notably recent versions of Clang) could produce non-constant time code, - which could allow a padding oracle attack if the attacker has access to - precise timing measurements. + (notably recent versions of Clang and IAR) could produce non-constant + time code, which could allow a padding oracle attack if the attacker + has access to precise timing measurements. |
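Review bot: In the reworded line "(notably recent versions of Clang and IAR)", the word "recent" carries no version and will go stale in a changelog, and it is unclear whether it qualifies IAR as well as Clang. If the versions in which non-constant-time code was observed are known, name them here, for example "Clang N and later, IAR N and later" with the real numbers filled in; otherwise drop "recent" so the entry does not suggest that older toolchains are unaffected. Because of "notably", the list is not exhaustive, so it would also help to say explicitly that builds with other compilers should take the fix as well, since this is a Security entry covering CBC decryption, NIST key unwrapping and RSA OAEP decryption.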