Update change log

2025-02-24 17:47:12 +00:00 · 2018-04-04 13:47:40 +02:00 · 2018-04-04 13:47:40 +02:00 · 7da5088289
parent 071f9a3e47
commit 7da5088289
1 changed files with 9 additions and 0 deletions
--- a/9
+++ b/9
@ -9,6 +9,12 @@ Security
     a non DER-compliant certificate correctly signed by a trusted CA, or a
     trusted CA with a non DER-compliant certificate. Found by luocm on GitHub.
     Fixes #825.
+   * Fix buffer length assertion in the ssl_parse_certificate_request()
+     function which leads to an arbitrary overread of the message buffer. The
+     overreads could occur upon receiving a message malformed at the point
+     where an optional signature algorithms list is expected in the cases of
+     the signature algorithms section being too short. In the debug builds
+     the overread data is printed to the standard output.

 Bugfix
   * Fix spurious uninitialized variable warning in cmac.c. Fix independently
@ -28,6 +34,9 @@ Bugfix
     ECPrivateKey structure. Found by jethrogb, fixed in #1379.
   * Return plaintext data sooner on unpadded CBC decryption, as stated in
     the mbedtls_cipher_update() documentation. Contributed by Andy Leiserson.
+   * Fix buffer length assertions in the ssl_parse_certificate_request()
+     function which leads to a potential one byte overread of the message
+     buffer.

 Changes
   * Support cmake build where Mbed TLS is a subproject. Fix