Add ChangeLog entry for previous security fix

Fixes #825
2025-02-24 22:36:52 +00:00 · 2017-09-25 10:51:32 +01:00 · 2017-09-25 10:51:32 +01:00 · 9a37e0f3be
parent 2e7fee09da
commit 9a37e0f3be
1 changed files with 10 additions and 0 deletions
--- a/10
+++ b/10
@ -1,5 +1,15 @@
 mbed TLS ChangeLog (Sorted per branch, date)

+= mbed TLS x.x.x branch released xxxx-xx-xx
+
+Security
+   * Fix a bug in the X.509 module potentially leading to a buffer overread
+     during CRT verification or to invalid or omitted checks for certificate
+     validity. The former can be triggered remotely, while the latter requires
+     a non DER-compliant certificate correctly signed by a trusted CA, or a
+     trusted CA with a non DER-compliant certificate. Found by luocm on GitHub.
+     Fixes #825.
+
 = mbed TLS 2.7.1 branch released 2018-02-23

 Default behavior changes