mirror of
https://github.com/ARMmbed/mbedtls.git
synced 2025-06-28 18:12:46 +08:00
Add changelog entry
This commit is contained in:
Gilles Peskine
Simon Butcher
parent
d817f54077
commit
a32e45d632
@ -70,6 +70,11 @@ Security
|
||||
unless the RNG is broken, and could result in information disclosure or
|
||||
denial of service (application crash or extra resource consumption).
|
||||
Found by Auke Zeilstra and Peter Schwabe, using static analysis.
|
||||
* To avoid a side channel vulnerability when parsing an RSA private key,
|
||||
read all the CRT parameters from the DER structure rather than
|
||||
reconstructing them. Found by Alejandro Cabrera Aldaya and Billy Bob
|
||||
Brumley. Reported and fix contributed by Jack Lloyd.
|
||||
ARMmbed/mbed-crypto#352
|
||||
|
||||
Bugfix
|
||||
* Fix an unchecked call to mbedtls_md() in the x509write module.
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user