Improve Changelog

This commit is contained in:
Janos Follath 2017-06-16 09:00:07 +01:00
parent 90651914a9
commit 5a1c0e7162

View file

@ -17,39 +17,45 @@ Security
potential Bleichenbacher/BERserk-style attack.
Bugfix
* Remove invalid use of size zero arrays in ECJPAKE test suite.
* Remove size zero arrays from ECJPAKE test suite. Size zero arrays are not
valid C and they prevented the test from compiling in Visual Studio 2015
and with GCC using the -Wpedantic compilation option.
* Fix insufficient support for signature-hash-algorithm extension,
resulting in compatibility problems with Chrome. Found by hfloyrd. #823
* If sending a fatal alert fails, make sure not to hide the error
* Fix behaviour that hid the original cause of fatal alerts in some cases
when sending the alert failed. The fix makes sure not to hide the error
that triggered the alert.
* In SSLv3, if refusing a renegotiation attempt, don't process any further
data.
* Fix SSLv3 renegotiation behaviour and stop processing data received from
peer after sending a fatal alert to refuse a renegotiation attempt.
Previous behaviour was to keep processing data even after the alert has
been sent.
* Accept empty trusted CA chain in authentication mode
MBEDTLS_SSL_VERIFY_OPTIONAL.
Fixes #864. Found by jethrogb.
* Fix implementation of mbedtls_ssl_parse_certificate
to not annihilate fatal errors in authentication mode
MBEDTLS_SSL_VERIFY_OPTIONAL and to reflect bad EC curves
within verification result.
* Fix modular inversion function on invalid modulus 1.
Found by blaufish. Fixes #641.
* Fix incorrect sign computation in modular exponentiation
when dealing with negative MPI. Found by Guido Vranken.
* Fix potential stack underflow in mpi_read_file.
Found by Guido Vranken.
Found by jethrogb. #864
* Fix implementation of mbedtls_ssl_parse_certificate() to not annihilate
fatal errors in authentication mode MBEDTLS_SSL_VERIFY_OPTIONAL and to
reflect bad EC curves within verification result.
* Fix bug that caused the modular inversion function to accept the invalid
modulus 1 and therefore to hang. Found by blaufish. #641.
* Fix incorrect sign computation in modular exponentiation when the base is
a negative MPI. Previously the result was always negative. Found by Guido
Vranken.
* Fix a numerical underflow leading to stack overflow in mpi_read_file()
that was triggered uppon reading an empty line. Found by Guido Vranken.
Changes
* Send fatal alerts in many more cases instead of dropping the connection.
* Send fatal alerts in more cases. The previous behaviour was to skip
sending the fatal alert and just drop the connection.
* Clarify ECDSA documentation and improve the sample code to avoid
misunderstandings and potentially dangerous use of the API. Pointed out
misunderstanding and potentially dangerous use of the API. Pointed out
by Jean-Philippe Aumasson.
= mbed TLS 2.5.0 branch released 2017-05-17
Security
* Wipe stack buffers in RSA private key operations
(rsa_rsaes_pkcs1_v15_decrypt(), rsa_rsaes_oaep_decrypt).
Found by Laurent Simon.
(rsa_rsaes_pkcs1_v15_decrypt(), rsa_rsaes_oaep_decrypt). Found by Laurent
Simon.
* Add exponent blinding to RSA private operations as a countermeasure
against side-channel attacks like the cache attack described in
https://arxiv.org/abs/1702.08719v2.
@ -57,8 +63,10 @@ Security
Clémentine Maurice and Stefan Mangard.
Features
* Exposed parts of the Elliptic Curve Point internal interface, to provide
interface for external hardware acceleration code.
* Add hardware acceleration support for the Elliptic Curve Point module.
This involved exposing parts of the internal interface to enable
replacing the core functions and adding and alternative, module level
replacement support for enabling the extension of the interface.
* Add a new configuration option to 'mbedtls_ssl_config' to enable
suppressing the CA list in Certificate Request messages. The default
behaviour has not changed, namely every configured CAs name is included.
@ -74,7 +82,12 @@ API Changes
Bugfix
* Remove macros from compat-1.3.h that correspond to deleted items from most
recent versions of the library. Found by Kyle Keen.
* Fixed issue in mutexes to failing to initialise. #667
* Fixed issue in the Threading module that prevented mutexes from
initialising. Found by sznaider. #667 #843
* Add checks in the PK module for the RSA functions on 64-bit systems.
The PK and RSA modules use different types for passing hash length and
without these checks the type cast could lead to data loss. Found by Guido
Vranken.
= mbed TLS 2.4.2 branch released 2017-03-08