PolarSSL 1.1.6 and PolarSSL 1.1.7 changed added to ChangeLog

2024-10-18 12:21:04 +00:00 · 2013-06-24 19:08:50 +02:00 · 2013-06-24 19:08:50 +02:00 · 248fff5369
parent 73d4431ccd
commit 248fff5369
1 changed files with 32 additions and 0 deletions
--- a/32
+++ b/32
@ -169,6 +169,38 @@ Security
   * Fixed potential memory zeroization on miscrafted RSA key (found by Eloi
     Vanderbeken)

+= Version 1.1.7 released on 2013-06-19
+Changes
+   * HAVEGE random generator disabled by default
+
+Bugfix
+   * x509parse_crt() now better handles PEM error situations
+   * ssl_parse_certificate() now calls x509parse_crt_der() directly
+     instead of the x509parse_crt() wrapper that can also parse PEM
+	 certificates
+   * Fixed values for 2-key Triple DES in cipher layer
+   * ssl_write_certificate_request() can handle empty ca_chain
+
+Security
+   * A possible DoS during the SSL Handshake, due to faulty parsing of
+     PEM-encoded certificates has been fixed (found by Jack Lloyd)
+
+= Version 1.1.6 released on 2013-03-11
+Bugfix
+   * Fixed net_bind() for specified IP addresses on little endian systems
+
+Changes
+   * Allow enabling of dummy error_strerror() to support some use-cases
+   * Debug messages about padding errors during SSL message decryption are
+     disabled by default and can be enabled with POLARSSL_SSL_DEBUG_ALL
+
+Security
+   * Removed timing differences during SSL message decryption in
+     ssl_decrypt_buf()
+   * Removed timing differences due to bad padding from
+     rsa_rsaes_pkcs1_v15_decrypt() and rsa_pkcs1_decrypt() for PKCS#1 v1.5
+     operations
+
 = Version 1.1.5 released on 2013-01-16
 Bugfix
   * Fixed MPI assembly for SPARC64 platform