From 5a46dfae2c933b692a8148942b694fc621e4e37c Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Sun, 11 Jun 2023 16:15:40 +0100 Subject: [PATCH 1/2] Changelog for SHA-384 max block size bug Signed-off-by: Dave Rodgman --- ChangeLog.d/sha384-blocksize.txt | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 ChangeLog.d/sha384-blocksize.txt diff --git a/ChangeLog.d/sha384-blocksize.txt b/ChangeLog.d/sha384-blocksize.txt new file mode 100644 index 0000000000..a064264cb5 --- /dev/null +++ b/ChangeLog.d/sha384-blocksize.txt @@ -0,0 +1,6 @@ +Security + * Fix definition of MBEDTLS_MD_MAX_BLOCK_SIZE, which was too + small when MBEDTLS_SHA384_C was defined and MBEDTLS_SHA512_C was + undefined. Mbed TLS itself was unaffected by this, but user code + which used MBEDTLS_MD_MAX_BLOCK_SIZE could be affected. This bug + was first released in Mbed TLS 3.4.0. From 12d89741bf5f7505e6ae2b01528f222ed94b136f Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Sun, 11 Jun 2023 16:29:54 +0100 Subject: [PATCH 2/2] Improve phrasing Signed-off-by: Dave Rodgman --- ChangeLog.d/sha384-blocksize.txt | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ChangeLog.d/sha384-blocksize.txt b/ChangeLog.d/sha384-blocksize.txt index a064264cb5..4917eb2c2a 100644 --- a/ChangeLog.d/sha384-blocksize.txt +++ b/ChangeLog.d/sha384-blocksize.txt @@ -2,5 +2,5 @@ Security * Fix definition of MBEDTLS_MD_MAX_BLOCK_SIZE, which was too small when MBEDTLS_SHA384_C was defined and MBEDTLS_SHA512_C was undefined. Mbed TLS itself was unaffected by this, but user code - which used MBEDTLS_MD_MAX_BLOCK_SIZE could be affected. This bug - was first released in Mbed TLS 3.4.0. + which used MBEDTLS_MD_MAX_BLOCK_SIZE could be affected. The only + release containing this bug was Mbed TLS 3.4.0.