Refine the language in the ChangeLog

Fix the language and descriptions in the ChangeLog following review of the
Release Notes for the next release.
This commit is contained in:
Simon Butcher 2018-11-19 16:01:15 +00:00
parent 357fbee3fd
commit 7fd58a9e4f


@ -4,27 +4,27 @@ mbed TLS ChangeLog (Sorted per branch, date)
Security
* Fix overly strict DN comparison when looking for CRLs belonging to a
particular CA. This previously lead to ignoring CRLs when the CRL's issuer
particular CA. This previously led to ignoring CRLs when the CRL's issuer
name and the CA's subject name differed in their string encoding (e.g.,
one using PrintableString and the other UTF8String) or in the choice of
upper and lower case. Reported by Henrik Andersson of Bosch GmbH in issue
#1784.
* Fix a flawed bounds check in server PSK hint parsing. In case the
incoming message buffer was placed within the first 64KiB of address
space and a PSK-(EC)DHE ciphersuite was used, this allowed an attacker
to trigger a memory access up to 64KiB beyond the incoming message buffer,
potentially leading to application crash or information disclosure.
* Fix mbedtls_mpi_is_prime() to use more rounds of probabilistic testing. The
previous settings for the number of rounds made it practical for an
adversary to construct non-primes that would be erroneously accepted as
primes with high probability. This does not have an impact on the
security of TLS, but can matter in other contexts with potentially
adversarially-chosen numbers that should be prime and can be validated.
security of TLS, but can matter in other contexts with numbers chosen
potentially by an adversary that should be prime and can be validated.
For example, the number of rounds was enough to securely generate RSA key
pairs or Diffie-Hellman parameters, but was insufficient to validate
Diffie-Hellman parameters properly.
See "Prime and Prejudice" by by Martin R. Albrecht and Jake Massimo and
Kenneth G. Paterson and Juraj Somorovsky.
* Fix a flawed bounds check in server PSK hint parsing. In case the
incoming message buffer was placed within the first 64KB of address
space and a PSK-(EC)DHE ciphersuite was used, this allowed an attacker
to trigger a memory access up to 64KB beyond the incoming message buffer,
potentially leading to application crash or information disclosure.
Bugfix
* Fix failure in hmac_drbg in the benchmark sample application, when
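Review bot: the reworded sentence in the mbedtls_mpi_is_prime() entry, "can matter in other contexts with numbers chosen potentially by an adversary that should be prime and can be validated", is ambiguous: as written, "that should be prime" attaches to "adversary" rather than to "numbers". Suggest "can matter in other contexts with numbers that should be prime and can be validated, but may have been chosen by an adversary." Two smaller points in the same hunk: the unchanged context line "See "Prime and Prejudice" by by Martin R. Albrecht" keeps the doubled "by", which a language pass over this entry should also fix; and the PSK hint entry that is moved below the prime-testing entry changes "64KiB" to "64KB" in both places. 64KiB (65536 bytes) and 64KB are not the same unit in strict usage, so if the original figure was chosen for precision the change should be deliberate, and the same unit should then be used consistently elsewhere in the ChangeLog.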
@ -32,7 +32,7 @@ Bugfix
* Fix a bug in the update function for SSL ticket keys which previously
invalidated keys of a lifetime of less than a 1s. Fixes #1968.
* Fix a bug in the record decryption routine ssl_decrypt_buf()
which lead to accepting properly authenticated but improperly
which led to accepting properly authenticated but improperly
padded records in case of CBC ciphersuites using Encrypt-then-MAC.
* Fix wrong order of freeing in programs/ssl/ssl_server2 example
application leading to a memory leak in case both
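Review bot: the lead/led correction in this hunk is right, but the unchanged context line "invalidated keys of a lifetime of less than a 1s" carries a stray article; since this commit is a language pass over the ChangeLog, drop the "a" in the same hunk ("keys with a lifetime of less than 1s").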