Changes between 0.9.8y and 0.9.8za [xx XXX xxxx]
+ *) Fix for the attack described in the paper "Recovering OpenSSL
+ ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack"
+ by Yuval Yarom and Naomi Benger. Details can be obtained from:
+ http://eprint.iacr.org/2014/140
+
+ Thanks to Yuval Yarom and Naomi Benger for discovering this
+ flaw and to Yuval Yarom for supplying a fix (CVE-2014-0076)
+ [Yuval Yarom and Naomi Benger]
+
+ Thanks to mancha for backporting the fix to the 0.9.8 branch.
+
*) Fix handling of warning-level alerts in SSL23 client mode so they
don't cause client-side termination (eg. on SNI unrecognized_name
warnings). Add client and server support for six additional alerts
projects / thirdparty / openssl.git / blobdiff