diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2018-07-07 19:52:04 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2018-07-07 19:52:04 +0200 |
commit | 7be78eba6dc33c3ed0787f806c71d75b7c9fe4de (patch) | |
tree | ffed15e24d41f3191a89ff99f05adcea831b6d15 /NEWS | |
parent | 68076057dfd6952a3b7d33f23e20b32072927885 (diff) | |
download | gnutls-7be78eba6dc33c3ed0787f806c71d75b7c9fe4de.tar.gz |
doc update [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Diffstat (limited to 'NEWS')
-rw-r--r-- | NEWS | 4 |
1 files changed, 2 insertions, 2 deletions
@@ -50,8 +50,8 @@ See the end for copying conditions. ** Improved counter-measures for TLS CBC record padding. Kenny Paterson, Eyal Ronen and Adi Shamir reported that the existing counter-measures had certain issues and - were insufficient under a new Lucky13-type of attack which shares the cache and - chosen-plaintext. This affected the legacy CBC ciphersuites when the encrypt-then-MAC + were insufficient when the attacker could access the cache and perform chosen- + plaintext. This affected the legacy CBC ciphersuites when the encrypt-then-MAC TLS feature was not supported by the peer. ** Introduced the %FORCE_ETM priority string option. This option prevents the negotiation |