Clarify attribution for the Bleichenbacher's Cat fix

commit: 8cc882bf2e7115e071c49c71187b49695b072413 [log] [tgz]
author: Simon Butcher <simon.butcher@arm.com> Sat Dec 01 22:46:55 2018 +0000
committer: Simon Butcher <simon.butcher@arm.com> Sat Dec 01 22:51:42 2018 +0000
tree: c7d59de7b0c7f11ffde1267b6b9ce2890a42c013
parent: ee66bcfc87491693cb0fad18c0b7919c7bfe1c2c [diff]
diff --git a/ChangeLog b/ChangeLog
index 1e3ffbf..eae0a08 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -7,8 +7,11 @@
      decryption that could lead to a Bleichenbacher-style padding oracle
      attack. In TLS, this affects servers that accept ciphersuites based on
      RSA decryption (i.e. ciphersuites whose name contains RSA but not
-     (EC)DH(E)). Reported by Eyal Ronen, Robert Gillham, Daniel Genkin, Adi
-     Shamir, David Wong and Yuval Yarom. CVE-2018-19608
+     (EC)DH(E)). Discovered by Eyal Ronen (Weizmann Institute),  Robert Gillham
+     (University of Adelaide), Daniel Genkin (University of Michigan),
+     Adi Shamir (Weizmann Institute), David Wong (NCC Group), and Yuval Yarom
+     (University of Adelaide, Data61). The attack is described in more detail
+     in the paper available here: http://cat.eyalro.net/cat.pdf  CVE-2018-19608
    * In mbedtls_mpi_write_binary(), don't leak the exact size of the number
      via branching and memory access patterns. An attacker who could submit
      a plaintext for RSA PKCS#1 v1.5 decryption but only observe the timing
commit	8cc882bf2e7115e071c49c71187b49695b072413	[log] [tgz]
author	Simon Butcher <simon.butcher@arm.com>	Sat Dec 01 22:46:55 2018 +0000
committer	Simon Butcher <simon.butcher@arm.com>	Sat Dec 01 22:51:42 2018 +0000
tree	c7d59de7b0c7f11ffde1267b6b9ce2890a42c013
parent	ee66bcfc87491693cb0fad18c0b7919c7bfe1c2c [diff]