Module Name: src
Committed By: bouyer
Date: Thu Apr 3 19:02:39 UTC 2014
Modified Files:
src/doc [netbsd-6-0]: CHANGES-6.0.5
Log Message:
ticket #1041
To generate a diff of this commit:
cvs rdiff -u -r1.1.2.5 -r1.1.2.6 src/doc/CHANGES-6.0.5
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/doc/CHANGES-6.0.5
diff -u src/doc/CHANGES-6.0.5:1.1.2.5 src/doc/CHANGES-6.0.5:1.1.2.6
--- src/doc/CHANGES-6.0.5:1.1.2.5 Tue Mar 18 09:44:51 2014
+++ src/doc/CHANGES-6.0.5 Thu Apr 3 19:02:39 2014
@@ -1,4 +1,4 @@
-# $NetBSD: CHANGES-6.0.5,v 1.1.2.5 2014/03/18 09:44:51 msaitoh Exp $
+# $NetBSD: CHANGES-6.0.5,v 1.1.2.6 2014/04/03 19:02:39 bouyer Exp $
A complete list of changes from the NetBSD 6.0.4 release to the NetBSD 6.0.5
release:
@@ -39,3 +39,14 @@ sys/kern/kern_verifiedexec.c 1.132
Reorder code to avoid use-after-free on error.
[maxv, ticket #1034]
+crypto/external/bsd/openssl/dist/crypto/bn/bn.h 1.2
+crypto/external/bsd/openssl/dist/crypto/bn/bn_lib.c 1.2
+crypto/external/bsd/openssl/dist/crypto/ec/ec2_mult.c 1.2
+
+ Add fix for CVE-2014-0076 taken from OpenSSL GIT repository:
+ Fix for the attack described in the paper "Recovering OpenSSL
+ ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack"
+ by Yuval Yarom and Naomi Benger. Details can be obtained from:
+ http://eprint.iacr.org/2014/140
+ [tron, ticket #1041]
+
