Add CHANGES.md entry for the EC/DSA nonce generation fixes

Reviewed-by: Matt Caswell <[email protected]> Reviewed-by: Tom Cosgrove <[email protected]> Reviewed-by: Dmitry Belyavskiy <[email protected]> (Merged from openssl#24660) (cherry picked from commit 72bff68)
siemens · Jun 20, 2024 · b00374b · b00374b
1 parent fd979ee
commit b00374b
Showing 1 changed file with 8 additions and 0 deletions.
diff --git a/CHANGES.md b/CHANGES.md
@@ -71,6 +71,14 @@ OpenSSL 3.2
 
    *Tomáš Mráz*
 
+ * Improved EC/DSA nonce generation routines to avoid bias and timing
+   side channel leaks.
+
+   Thanks to Florian Sieck from Universität zu Lübeck and George Pantelakis
+   and Hubert Kario from Red Hat for reporting the issues.
+
+   *Tomáš Mráz and Paul Dale*
+
  * Fixed an issue where some non-default TLS server configurations can cause
    unbounded memory growth when processing TLSv1.3 sessions. An attacker may
    exploit certain server configurations to trigger unbounded memory growth that