openwrt

ExternalVendorCode/openwrt

Fork 0

mirror of https://github.com/openwrt/openwrt.git synced 2024-12-26 00:41:17 +00:00

Commit Graph

Author	SHA1	Message	Date
Eneas U de Queiroz	2df2b75208	wolfssl: fixes for CVE-2018-16870 & CVE-2019-13628 CVE-2018-16870: medium-severity, new variant of the Bleichenbacher attack to perform downgrade attacks against TLS, which may lead to leakage of sensible data. Backported from 3.15.7. CVE-2019-13628 (currently assigned-only): potential leak of nonce sizes when performing ECDSA signing operations. The leak is considered to be difficult to exploit but it could potentially be used maliciously to perform a lattice based timing attack. Backported from 4.1.0. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>	2019-08-17 17:23:17 +02:00

Author

SHA1

Message

Date

Eneas U de Queiroz

2df2b75208

wolfssl: fixes for CVE-2018-16870 & CVE-2019-13628

CVE-2018-16870: medium-severity, new variant of the Bleichenbacher
attack to perform downgrade attacks against TLS, which may lead to
leakage of sensible data. Backported from 3.15.7.

CVE-2019-13628 (currently assigned-only): potential leak of nonce sizes
when performing ECDSA signing operations. The leak is considered to be
difficult to exploit but it could potentially be used maliciously to
perform a lattice based timing attack. Backported from 4.1.0.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>

2019-08-17 17:23:17 +02:00

1 Commits