1Bugfix 2 * Fix a race condition on x86/amd64 platforms in AESNI support detection 3 that could lead to using software AES in some threads at the very 4 beginning of a multithreaded program. Reported by Solar Designer. 5 Fixes #9840. 6 7Security 8 * On x86/amd64 platforms, with some compilers, when the library is 9 compiled with support for both AESNI and software AES and AESNI is 10 available in hardware, an adversary with fine control over which 11 threads make progress in a multithreaded program could force software 12 AES to be used for some time when the program starts. This could allow 13 the adversary to conduct timing attacks and potentially recover the 14 key. In particular, this attacker model may be possible against an SGX 15 enclave. 16 The same vulnerability affects GCM acceleration, which could allow 17 a similarly powerful adversary to craft GCM forgeries. 18