1 files changed, 13 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog
index 893ea06..af40a78 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -28,6 +28,19 @@ history is also available from Git.
 LibreSSL Portable Release Notes:
+2.6.5 - Security fixes
+        * Avoid a timing side-channel leak when generating DSA and ECDSA
+          signatures. This is caused by an attempt to do fast modular
+          arithmetic, which introduces branches that leak information
+          regarding secret values. Issue identified and reported by Keegan
+          Ryan of NCC Group.
+        * Reject excessively large primes in DH key generation. Problem
+          reported by Guido Vranken to OpenSSL
+          (https://github.com/openssl/openssl/pull/6457) and based on his
+          diff.
 2.6.4 - Bug fixes
        * Make tls_config_parse_protocols() work correctly when passed a NULL

diff --git a/ChangeLog b/ChangeLog index 893ea06..af40a78 100644 --- a/ChangeLog +++ b/ChangeLog
@@ -28,6 +28,19 @@ history is also available from Git.
28		28
29	LibreSSL Portable Release Notes:	29	LibreSSL Portable Release Notes:
30		30
		31	2.6.5 - Security fixes
		32
		33	* Avoid a timing side-channel leak when generating DSA and ECDSA
		34	signatures. This is caused by an attempt to do fast modular
		35	arithmetic, which introduces branches that leak information
		36	regarding secret values. Issue identified and reported by Keegan
		37	Ryan of NCC Group.
		38
		39	* Reject excessively large primes in DH key generation. Problem
		40	reported by Guido Vranken to OpenSSL
		41	(https://github.com/openssl/openssl/pull/6457) and based on his
		42	diff.
		43
31	2.6.4 - Bug fixes	44	2.6.4 - Bug fixes
32		45
33	* Make tls_config_parse_protocols() work correctly when passed a NULL	46	* Make tls_config_parse_protocols() work correctly when passed a NULL