[illumen]

The article says:

"We stress that this is a theoretical attack on the definition of security and we do not see any way of turning the attack into a full plaintext-recovery attack."

... which appears wrong, and even published after the other paper?

[detaro]

And the article linked by tptacek (by the same authors) builds on this and shows practical attacks.