From df60c17cd85f03b156aa4ef612f766281a610662 Mon Sep 17 00:00:00 2001 From: Andres Erbsen Date: Sun, 2 Jul 2017 09:51:43 -0400 Subject: crypto-defects.md: analyze CVE-2014-3570 --- crypto-defects.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'crypto-defects.md') diff --git a/crypto-defects.md b/crypto-defects.md index 8a0611f52..9f42f4513 100644 --- a/crypto-defects.md +++ b/crypto-defects.md @@ -15,7 +15,7 @@ appearing in our code. | [donna#8edc799f](https://github.com/agl/curve25519-donna/commit/2647eeba59fb628914c79ce691df794a8edc799f) | F25519 internal to wire | 32-bit pseudo-Mersenne, C | non-canonical | | [end-to-end#340](https://github.com/google/end-to-end/issues/340) | Curve25519 library | twisted Edwards coordinates | (0, 1) = ∞ | | [CVE-2006-4339](https://web.archive.org/web/20071010042708/http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html) | RSA-PKCS-1 sig. verification | irrelevant | padding check | -| [CVE-2014-3570](https://www.openssl.org/news/secadv/20150108.txt) | Bignum squaring | | | +| [CVE-2014-3570](https://github.com/openssl/openssl/commit/a7a44ba55cb4f884c6bc9ceac90072dea38e66d0) | Bignum squaring | asm | limb overflow | | [ref/sc25519.c:84](https://github.com/floodyberry/supercop/blob/master/crypto_sign/ed25519/ref/sc25519.c#L84) | x mod (order of Curve25519) | Barrett reduction (code is likely correct) | "XXX" comment | | [ic#237002094](https://github.com/mit-plv/fiat-crypto/pull/42#issuecomment-237002094) | Barrett reduction for p256 | 1 conditional subtraction instead of 2 | unkown if ok | | [openssl#1593](https://rt.openssl.org/Ticket/Display.html?id=1593&user=guest&pass=guest) | P384 modular reduction | carry handling | [exploitable](https://eprint.iacr.org/2011/633.pdf) | -- cgit v1.2.3
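Review bot: the rewritten CVE-2014-3570 row drops the only link to the OpenSSL security advisory (https://www.openssl.org/news/secadv/20150108.txt) in favour of the fix commit, so the table no longer points at the authoritative record of affected versions and severity; the openssl#1593 row already shows the pattern this table uses for two references (ticket in the first column, analysis link in the last), so keep the advisory as the link behind `[CVE-2014-3570]` and put the fix commit in the fourth column, e.g. `| [CVE-2014-3570](https://www.openssl.org/news/secadv/20150108.txt) | Bignum squaring | asm | [limb overflow](https://github.com/openssl/openssl/commit/a7a44ba55cb4f884c6bc9ceac90072dea38e66d0) |`. The third column is also thinner than its neighbours: the other rows name the representation or reduction strategy ("32-bit pseudo-Mersenne, C", "twisted Edwards coordinates", "Barrett reduction"), while "asm" says nothing about which squaring routine or limb size was involved; a word or two on the representation would make the row comparable to the rest of the table. Unrelated to this hunk but visible in its context: "unkown" in the ic#237002094 row is a typo for "unknown".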