summary refs log tree commit diff
path: root/crypto/Readme.html
diff options
context:
space:
mode:
Diffstat (limited to 'crypto/Readme.html')
-rw-r--r--crypto/Readme.html6
1 files changed, 3 insertions, 3 deletions
diff --git a/crypto/Readme.html b/crypto/Readme.html
index 98b7dee72..d37793361 100644
--- a/crypto/Readme.html
+++ b/crypto/Readme.html
@@ -351,17 +351,17 @@
         <h4><a class="mozTocH4" name="mozTocId85332"></a>Release 2.3.1, Tuesday May 7, 2024</h4>
         <h5>Defects Fixed</h5>
         <ul>
-            <li>TLS: Fixed timing side-channel for RSA key exchange ("The Marvin Attack").</li>
+            <li>TLS: Fixed timing side-channel for RSA key exchange (CVE-2024-30171 - "The Marvin Attack").</li>
             <li>PSS: Fixed regression in 2.3.0 when updating signer from a span.</li>
             <li>
                 EdDSA: Fixed verification infinite loop (regression in 2.1.0)
-                - see <a href="https://github.com/bcgit/bc-java/issues/1599">corresponding bc-java issue</a>.
+                - see <a href="https://github.com/bcgit/bc-java/issues/1599">corresponding bc-java issue</a> (CVE-2024-30172).
             </li>
+            <li>EC: Restricted m value in F2m curves (CVE-2024-29857).</li>
         </ul>
         <h5>Additional Features and Functionality</h5>
         <ul>
             <li>ASN.1: Limited OID contents to 4096 bytes.</li>
-            <li>EC: Restricted m value in F2m curves.</li>
         </ul>
         <h5>Additional Notes</h5>
         <ul>
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-09-19 16:19:53 +0000