yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-03-24 22:25:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Refined credits in ChangeLog for fuzzing issue

Browse source 
Changed GDS to Gotham Digital Science
This commit is contained in:
Simon Butcher 2015-09-22 10:20:58 +01:00
parent df048c59cf
commit 21823f9a69
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
ChangeLog
View file

@ -5,7 +5,7 @@ mbed TLS ChangeLog (Sorted per branch, date)
Security Security
* Fix possible client-side NULL pointer dereference (read) when the client * Fix possible client-side NULL pointer dereference (read) when the client
tries to continue the handshake after it failed (a misuse of the API). tries to continue the handshake after it failed (a misuse of the API).
(Found by GDS Labs using afl-fuzz, patch provided by GDS Labs.) (Found and patch provided by Fabian Foerg, Gotham Digital Science using afl-fuzz.)
* Add countermeasure against Lenstra's RSA-CRT attack for PKCS#1 v1.5 * Add countermeasure against Lenstra's RSA-CRT attack for PKCS#1 v1.5
signatures. (Found by Florian Weimer, Red Hat.) signatures. (Found by Florian Weimer, Red Hat.)
https://securityblog.redhat.com/2015/09/02/factoring-rsa-keys-with-tls-perfect-forward-secrecy/ https://securityblog.redhat.com/2015/09/02/factoring-rsa-keys-with-tls-perfect-forward-secrecy/