author    Nikos Mavrogiannopoulos <nmav@gnutls.org>  2018-07-07 19:49:45 +0200
committer Nikos Mavrogiannopoulos <nmav@gnutls.org>  2018-07-07 19:49:45 +0200
commit    b4fc72e21e191ff4f037696d2e66b4fff36d509a (patch)
tree      a0b6765e8b10b3e097c4ea2bba652184a811ef55
parent    1c85149bac617f7fd77df60caf606c6cf21fc1c9 (diff)
download  gnutls-b4fc72e21e191ff4f037696d2e66b4fff36d509a.tar.gz
doc update [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
-rw-r--r--  NEWS  7
1 files changed, 5 insertions, 2 deletions
diff --git a/NEWS b/NEWS
index a1f9350962..eee4314ed4 100644
--- a/NEWS
+++ b/NEWS
@@ -13,8 +13,11 @@ See the end for copying conditions.
** libgnutls: Corrected infinite loop when an incorrect PIN was provided
via pin-value or pin-source.
-** Improved counter-measures for TLS CBC record padding, when encrypt-then-MAC
- mode is not used.
+** Improved counter-measures for TLS CBC record padding. Kenny Paterson, Eyal Ronen
+ and Adi Shamir reported that the existing counter-measures had certain issues and
+ were insufficient under a new Lucky13-type of attack which shares the cache and
+ chosen-plaintext. This affected the legacy CBC ciphersuites when the encrypt-then-MAC
+ TLS feature was not supported by the peer.
** The ciphers utilizing HMAC-SHA384 and SHA256 have been removed from the default
priority strings. They are not necessary for compatibility or other purpose and
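Review bot: the replacement lines narrow the stated condition in a way that does not match the old text: "when encrypt-then-MAC mode is not used" became "when the encrypt-then-MAC TLS feature was not supported by the peer", but a peer can support the extension (RFC 7366) without it being negotiated for a given connection, so the affected configuration is more accurately "when encrypt-then-MAC was not negotiated". The sentence "a new Lucky13-type of attack which shares the cache and chosen-plaintext" also reads awkwardly; a clearer wording would be "a new Lucky13-style attack by an attacker that shares a cache with the victim and can submit chosen plaintexts". Since this is a security-relevant NEWS entry, it would also help readers to include the advisory or CVE identifier for the issue once one is assigned, so the item can be cross-referenced from the changelog.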