summary refs log tree commit diff
path: root/crypto/Readme.html
diff options
context:
space:
mode:
authorDavid Hook <dgh@cryptoworkshop.com>2024-05-08 11:11:56 +1000
committerDavid Hook <dgh@cryptoworkshop.com>2024-05-08 11:11:56 +1000
commit5af9ec6b6bc4efbe3f91d75bdbb51785e7d937ba (patch)
tree83d2c57747ab613c55aff56bbfd6bee7d479b27d /crypto/Readme.html
parentUpdates after 2.3.1 release (diff)
downloadBouncyCastle.NET-ed25519-5af9ec6b6bc4efbe3f91d75bdbb51785e7d937ba.tar.xz
added CVE-IDs
Diffstat (limited to 'crypto/Readme.html')
-rw-r--r--crypto/Readme.html6
1 files changed, 3 insertions, 3 deletions
diff --git a/crypto/Readme.html b/crypto/Readme.html
index 98b7dee72..d37793361 100644
--- a/crypto/Readme.html
+++ b/crypto/Readme.html
@@ -351,17 +351,17 @@
         <h4><a class="mozTocH4" name="mozTocId85332"></a>Release 2.3.1, Tuesday May 7, 2024</h4>
         <h5>Defects Fixed</h5>
         <ul>
-            <li>TLS: Fixed timing side-channel for RSA key exchange ("The Marvin Attack").</li>
+            <li>TLS: Fixed timing side-channel for RSA key exchange (CVE-2024-30171 - "The Marvin Attack").</li>
             <li>PSS: Fixed regression in 2.3.0 when updating signer from a span.</li>
             <li>
                 EdDSA: Fixed verification infinite loop (regression in 2.1.0)
-                - see <a href="https://github.com/bcgit/bc-java/issues/1599">corresponding bc-java issue</a>.
+                - see <a href="https://github.com/bcgit/bc-java/issues/1599">corresponding bc-java issue</a> (CVE-2024-30172).
             </li>
+            <li>EC: Restricted m value in F2m curves (CVE-2024-29857).</li>
         </ul>
         <h5>Additional Features and Functionality</h5>
         <ul>
             <li>ASN.1: Limited OID contents to 4096 bytes.</li>
-            <li>EC: Restricted m value in F2m curves.</li>
         </ul>
         <h5>Additional Notes</h5>
         <ul>