aboutsummaryrefslogtreecommitdiffstats
path: root/toolchain
diff options
context:
space:
mode:
authorEneas U de Queiroz <cotequeiroz@gmail.com>2019-08-05 14:45:41 -0300
committerHauke Mehrtens <hauke@hauke-m.de>2019-08-17 17:23:17 +0200
commit2df2b75208dce06dee02508c8d589fc5f540023d (patch)
tree6ffd3d40a1af5a5f4cd19e2d3b8dda5739714864 /toolchain
parent09bdc144197fe656f16d691d649ae08b36b4b126 (diff)
downloadupstream-2df2b75208dce06dee02508c8d589fc5f540023d.tar.gz
upstream-2df2b75208dce06dee02508c8d589fc5f540023d.tar.bz2
upstream-2df2b75208dce06dee02508c8d589fc5f540023d.zip
wolfssl: fixes for CVE-2018-16870 & CVE-2019-13628
CVE-2018-16870: medium-severity, new variant of the Bleichenbacher attack to perform downgrade attacks against TLS, which may lead to leakage of sensible data. Backported from 3.15.7. CVE-2019-13628 (currently assigned-only): potential leak of nonce sizes when performing ECDSA signing operations. The leak is considered to be difficult to exploit but it could potentially be used maliciously to perform a lattice based timing attack. Backported from 4.1.0. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Diffstat (limited to 'toolchain')
0 files changed, 0 insertions, 0 deletions