diff options
| author | David Hook <dgh@cryptoworkshop.com> | 2024-05-08 11:11:56 +1000 |
|---|---|---|
| committer | David Hook <dgh@cryptoworkshop.com> | 2024-05-08 11:11:56 +1000 |
| commit | 5af9ec6b6bc4efbe3f91d75bdbb51785e7d937ba (patch) | |
| tree | 83d2c57747ab613c55aff56bbfd6bee7d479b27d | |
| parent | Updates after 2.3.1 release (diff) | |
| download | BouncyCastle.NET-ed25519-5af9ec6b6bc4efbe3f91d75bdbb51785e7d937ba.tar.xz | |
added CVE-IDs
| -rw-r--r-- | crypto/Readme.html | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/crypto/Readme.html b/crypto/Readme.html index 98b7dee72..d37793361 100644 --- a/crypto/Readme.html +++ b/crypto/Readme.html @@ -351,17 +351,17 @@ <h4><a class="mozTocH4" name="mozTocId85332"></a>Release 2.3.1, Tuesday May 7, 2024</h4> <h5>Defects Fixed</h5> <ul> - <li>TLS: Fixed timing side-channel for RSA key exchange ("The Marvin Attack").</li> + <li>TLS: Fixed timing side-channel for RSA key exchange (CVE-2024-30171 - "The Marvin Attack").</li> <li>PSS: Fixed regression in 2.3.0 when updating signer from a span.</li> <li> EdDSA: Fixed verification infinite loop (regression in 2.1.0) - - see <a href="https://github.com/bcgit/bc-java/issues/1599">corresponding bc-java issue</a>. + - see <a href="https://github.com/bcgit/bc-java/issues/1599">corresponding bc-java issue</a> (CVE-2024-30172). </li> + <li>EC: Restricted m value in F2m curves (CVE-2024-29857).</li> </ul> <h5>Additional Features and Functionality</h5> <ul> <li>ASN.1: Limited OID contents to 4096 bytes.</li> - <li>EC: Restricted m value in F2m curves.</li> </ul> <h5>Additional Notes</h5> <ul> |