update release notesv2.6.5 OPENBSD_6_2

author: Brent Cook <bcook@openbsd.org> 2018-06-13 11:39:22 -0500
committer: Brent Cook <bcook@openbsd.org> 2018-06-13 11:39:22 -0500
commit: e970fbf951f50fe164b51525e5eede32d2c82348 (patch)
tree: 4500b3c9ec7d787251766f352ba393d7d81765c1
parent: 90898c96868189449e7bb38e768cf977b07ed436 (diff)
download: portable-OPENBSD_6_2.tar.gz
portable-OPENBSD_6_2.tar.bz2
portable-OPENBSD_6_2.zip
1 files changed, 13 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog
index 893ea06..af40a78 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -28,6 +28,19 @@ history is also available from Git.
 LibreSSL Portable Release Notes:
+2.6.5 - Security fixes
+        * Avoid a timing side-channel leak when generating DSA and ECDSA
+          signatures. This is caused by an attempt to do fast modular
+          arithmetic, which introduces branches that leak information
+          regarding secret values. Issue identified and reported by Keegan
+          Ryan of NCC Group.
+        * Reject excessively large primes in DH key generation. Problem
+          reported by Guido Vranken to OpenSSL
+          (https://github.com/openssl/openssl/pull/6457) and based on his
+          diff.
 2.6.4 - Bug fixes
        * Make tls_config_parse_protocols() work correctly when passed a NULL
author	Brent Cook <bcook@openbsd.org>	2018-06-13 11:39:22 -0500
committer	Brent Cook <bcook@openbsd.org>	2018-06-13 11:39:22 -0500
commit	e970fbf951f50fe164b51525e5eede32d2c82348 (patch)
tree	4500b3c9ec7d787251766f352ba393d7d81765c1
parent	90898c96868189449e7bb38e768cf977b07ed436 (diff)
download	portable-OPENBSD_6_2.tar.gz portable-OPENBSD_6_2.tar.bz2 portable-OPENBSD_6_2.zip

diff --git a/ChangeLog b/ChangeLog index 893ea06..af40a78 100644 --- a/ChangeLog +++ b/ChangeLog
@@ -28,6 +28,19 @@ history is also available from Git.
28		28
29	LibreSSL Portable Release Notes:	29	LibreSSL Portable Release Notes:
30		30
		31	2.6.5 - Security fixes
		32
		33	* Avoid a timing side-channel leak when generating DSA and ECDSA
		34	signatures. This is caused by an attempt to do fast modular
		35	arithmetic, which introduces branches that leak information
		36	regarding secret values. Issue identified and reported by Keegan
		37	Ryan of NCC Group.
		38
		39	* Reject excessively large primes in DH key generation. Problem
		40	reported by Guido Vranken to OpenSSL
		41	(https://github.com/openssl/openssl/pull/6457) and based on his
		42	diff.
		43
31	2.6.4 - Bug fixes	44	2.6.4 - Bug fixes
32		45
33	* Make tls_config_parse_protocols() work correctly when passed a NULL	46	* Make tls_config_parse_protocols() work correctly when passed a NULL