]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core.git/commit
projects / thirdparty / openembedded / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 51424b9) | patch
gnutls: fix CVE-2023-0361 timing side-channel in the TLS RSA key exchange code
authorVivek Kumbhar <vkumbhar@mvista.com>
Wed, 8 Mar 2023 06:44:30 +0000 (12:14 +0530)
committerSteve Sakoman <steve@sakoman.com>
Wed, 8 Mar 2023 15:00:31 +0000 (05:00 -1000)
commit5b8a3601ebff7a0cdfaa50d7a0b5e384a7e2514c
treeb4bd903761f1c985f582edecac8e4d5fc637e40atree
parent51424b9955374196307aaf73cf4b6c184ce4fb6dcommit | diff
gnutls: fix CVE-2023-0361 timing side-channel in the TLS RSA key exchange code

Remove branching that depends on secret data.

since the `ok` variable isn't used any more, we can remove all code
used to calculate it

Signed-off-by: Vivek Kumbhar <vkumbhar@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
meta/recipes-support/gnutls/gnutls/CVE-2023-0361.patch [new file with mode: 0644] blob
meta/recipes-support/gnutls/gnutls_3.6.14.bb diff | blob | blame | history
Mirror of git://git.openembedded.org/openembedded-core