author: Simon Josefsson <simon@josefsson.org> 2006-09-08 13:45:19 +0000
committer: Simon Josefsson <simon@josefsson.org> 2006-09-08 13:45:19 +0000
commit: cf484378bc695096b9fda1b3302aecf86f4f146f (patch)
tree: ce4acee2810221b12a9d629665e74f2edb3d3420
parent: c03f8dfaa3a3e002963160231e50f4693508f918 (diff)
download: gnutls-cf484378bc695096b9fda1b3302aecf86f4f146f.tar.gz
Add.
-rw-r--r-- NEWS | 8
1 file changed, 8 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index 752fbd60ba..233b426596 100644
--- a/NEWS
+++ b/NEWS
@@ -5,8 +5,16 @@ See the end for copying conditions.
* Version 1.4.3 (unreleased)
+** Fix PKCS#1 verification to avoid a variant of Bleichenbacher's
+** Crypto 06 rump session attack.
+In particular, we check that the digestAlgorithm.parameters field is
+empty, to avoid that it can contain "garbage" that may be used to
+alter the numeric properties of the signature. Reported by Yutaka
+OIWA <y.oiwa@aist.go.jp>.
+
** Fix PKCS#1 decryption to avoid Bleichenbacher's Crypto 98 attack.
See <http://www.bell-labs.com/user/bleichen/papers/pkcs.ps.gz>.
+Reported by Werner Koch <wk@gnupg.org>.
** Fix crash in gnutls_x509_crt_sign2 if passed a NULL issuer_key.
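Review bot: the new entry's second line "** Crypto 06 rump session attack." reuses the "**" entry marker for a wrapped heading, which in this file (see the "** Fix PKCS#1 decryption" and "** Fix crash" entries) means the start of a new item; keep the heading on one line or indent the continuation without the "**" prefix. The body should also say what "empty" means for digestAlgorithm.parameters, i.e. whether only an absent field is accepted or an explicit ASN.1 NULL as well, since RFC 3447 DigestInfo encodings commonly carry NULL parameters for the MD5/SHA-1 algorithm identifiers and a check that rejects NULL would break verification of otherwise valid signatures.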