mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2025-07-02 02:28:26 +00:00
Adapt ChangeLog
This commit is contained in:
parent
251bab5ceb
commit
4d48bb6ca3
|
@ -2,6 +2,14 @@ mbed TLS ChangeLog (Sorted per branch, date)
|
||||||
|
|
||||||
= mbed TLS 1.3.22 branch released 2017-xx-xx
|
= mbed TLS 1.3.22 branch released 2017-xx-xx
|
||||||
|
|
||||||
|
Security
|
||||||
|
* Fix heap corruption in implementation of truncated HMAC extension.
|
||||||
|
When the truncated HMAC extension is enabled and CBC is used,
|
||||||
|
sending a malicious application packet can be used to selectively
|
||||||
|
corrupt 6 bytes on the peer's heap, potentially leading to crash or
|
||||||
|
remote code execution. This can be triggered remotely from either
|
||||||
|
side.
|
||||||
|
|
||||||
Bugfix
|
Bugfix
|
||||||
* Fix memory leak in ssl_set_hostname() when called multiple times.
|
* Fix memory leak in ssl_set_hostname() when called multiple times.
|
||||||
Found by projectgus and jethrogb, #836.
|
Found by projectgus and jethrogb, #836.
|
||||||
|
|
Loading…
Reference in a new issue