Merge remote-tracking branch 'restricted/pr/519' into mbedtls-2.1

commit: 75da5504e535eb6385707e88c958ee724a078d8f [log] [tgz]
author: Simon Butcher <simon.butcher@arm.com> Thu Nov 29 17:29:28 2018 +0000
committer: Simon Butcher <simon.butcher@arm.com> Thu Nov 29 17:30:35 2018 +0000
tree: 90f118f661c3d356e6c5f900e4058f5a76d5ee60
parent: 568ec7cb61461183af0cf67f8f67c4114b3c492b [diff] [blame]
parent: e3be8d672e654984ecc7f8be1a4fd783965b6cc5 [diff] [blame]
diff --git a/ChangeLog b/ChangeLog
index 3500ffe..0936755 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -1,5 +1,14 @@
 mbed TLS ChangeLog (Sorted per branch, date)
 
+= mbed TLS 2.1.x branch released xxxx-xx-xx
+
+Security
+   * Fix timing variations and memory access variations in RSA PKCS#1 v1.5
+     decryption that could lead to a Bleichenbacher-style padding oracle
+     attack. In TLS, this affects RSA-based ciphersuites without DHE or
+     ECDHE. Reported by Yuval Yarom, Eyal Ronen, Adi Shamir, David Wong and
+     Daniel Genkin.
+
 = mbed TLS 2.1.16 branch released 2018-11-19
 
 Security
commit	75da5504e535eb6385707e88c958ee724a078d8f	[log] [tgz]
author	Simon Butcher <simon.butcher@arm.com>	Thu Nov 29 17:29:28 2018 +0000
committer	Simon Butcher <simon.butcher@arm.com>	Thu Nov 29 17:30:35 2018 +0000
tree	90f118f661c3d356e6c5f900e4058f5a76d5ee60
parent	568ec7cb61461183af0cf67f8f67c4114b3c492b [diff] [blame]
parent	e3be8d672e654984ecc7f8be1a4fd783965b6cc5 [diff] [blame]