- djm@cvs.openbsd.org 2010/07/16 14:07:35 [ssh-rsa.c] more timing paranoia - compare all parts of the expected decrypted data before returning. AFAIK not exploitable in the SSH protocol. "groovy" deraadt@

commit: 4e8285e31248f7306e4b1d299d186b277c69d00f [log] [tgz]
author: Damien Miller <djm@mindrot.org> Tue Aug 03 16:04:03 2010 +1000
committer: Damien Miller <djm@mindrot.org> Tue Aug 03 16:04:03 2010 +1000
tree: a125cd04039373a4bcd802132ce381e99011f92f
parent: 844cccfc1ae3bde48aa481bb8522d482fc8e7a0e [diff] [blame]
diff --git a/ChangeLog b/ChangeLog
index 4421f35..0d51580 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -6,6 +6,11 @@
    - djm@cvs.openbsd.org 2010/07/16 04:45:30
      [ssh-keygen.c]
      avoid bogus compiler warning
+   - djm@cvs.openbsd.org 2010/07/16 14:07:35
+     [ssh-rsa.c]
+     more timing paranoia - compare all parts of the expected decrypted
+     data before returning. AFAIK not exploitable in the SSH protocol.
+     "groovy" deraadt@
 
 20100819
  - (dtucker) [contrib/ssh-copy-ud.1] Bug #1786: update ssh-copy-id.1 with more
commit	4e8285e31248f7306e4b1d299d186b277c69d00f	[log] [tgz]
author	Damien Miller <djm@mindrot.org>	Tue Aug 03 16:04:03 2010 +1000
committer	Damien Miller <djm@mindrot.org>	Tue Aug 03 16:04:03 2010 +1000
tree	a125cd04039373a4bcd802132ce381e99011f92f
parent	844cccfc1ae3bde48aa481bb8522d482fc8e7a0e [diff] [blame]