mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-23 05:55:29 +00:00
Clarify ChangeLog for #569
This commit is contained in:
parent
7dadc2f259
commit
71e9d58dc2
|
@ -11,14 +11,11 @@ Security
|
||||||
* Removed MD5 from the allowed hash algorithms for CertificateRequest and
|
* Removed MD5 from the allowed hash algorithms for CertificateRequest and
|
||||||
CertificateVerify messages, to prevent SLOTH attacks against TLS 1.2.
|
CertificateVerify messages, to prevent SLOTH attacks against TLS 1.2.
|
||||||
Introduced by interoperability fix for #513.
|
Introduced by interoperability fix for #513.
|
||||||
|
|
||||||
Security
|
|
||||||
* Fixed a bug that caused freeing a buffer that was allocated on the stack,
|
* Fixed a bug that caused freeing a buffer that was allocated on the stack,
|
||||||
when verifying the validity of a key on secp224k1. This could be
|
when verifying the validity of a key on secp224k1. This could be
|
||||||
triggered remotely for example with a maliciously constructed certificate
|
triggered remotely for example with a maliciously constructed certificate
|
||||||
and might have led to remote code execution on some exotic embedded
|
and potentially could lead to remote code execution on some platforms.
|
||||||
platforms. Reported independently by rongsaws and Regina Wilson.
|
Reported independently by rongsaws and Regina Wilson. #569 CVE-2017-2784
|
||||||
CVE-2017-2784
|
|
||||||
|
|
||||||
Bugfix
|
Bugfix
|
||||||
* Fix output certificate verification flags set by x509_crt_verify_top() when
|
* Fix output certificate verification flags set by x509_crt_verify_top() when
|
||||||
|
|
Loading…
Reference in a new issue