Add ChangeLog entry for PKCS#7 side channel fix

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2026-05-05 17:37:58 +02:00 · 2025-01-22 11:18:14 +00:00
parent 652ea21737
commit 1667455992
1 changed files with 4 additions and 0 deletions
--- a/ChangeLog.d/pkcs7-padding-side-channel-fix.txt
+++ b/ChangeLog.d/pkcs7-padding-side-channel-fix.txt
@@ -0,0 +1,4 @@
+Security
+   * Fix a timing side channel in the implementation of PKCS#7 padding
+     which would allow an attacker who can request decryption of arbitrary
+     ciphertexts to recover the last byte of each block of the plaintext.