Adapt ChangeLog

Hanno Becker 2017-09-18 16:07:19 +01:00
parent a360411e4f
commit b658ee63c2

@ -13,6 +13,16 @@ Bugfix
dates on leap years with 100 and 400 intervals are handled correctly. Found dates on leap years with 100 and 400 intervals are handled correctly. Found
by Nicholas Wilson. #694 by Nicholas Wilson. #694
Security
* Fix a potential heap buffer overflow in mbedtls_ssl_write. When the (by
default enabled) maximum fragment length extension is disabled in the
config and the application data buffer passed to mbedtls_ssl_write
is larger than the internal message buffer (16384 bytes by default), the
latter overflows. The exploitability of this issue depends on whether the
application layer can be forced into sending such large packets. The issue
was independently reported by Tim Nordell via e-mail and by Florin Petriuc
and sjorsdewit on GitHub. Fix proposed by Florin Petriuc in #1022. Fixes #707.
= mbed TLS 2.1.9 branch released 2017-08-10 = mbed TLS 2.1.9 branch released 2017-08-10
Security Security
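
Review bot: The new Security entry says the overflow requires the maximum fragment length extension to be "disabled in the config" but never names the option, so a reader cannot tell from the ChangeLog alone whether their build is affected. Name the compile-time option (MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) and, next to "16384 bytes by default", the macro that sets the message buffer size (MBEDTLS_SSL_MAX_CONTENT_LEN). The opening clause is also hard to parse: "When the (by default enabled) maximum fragment length extension is disabled" reads better as "When the maximum fragment length extension (enabled by default) is disabled". Lastly, the section is added after the Bugfix entries, whereas the 2.1.9 section in the trailing context starts with Security directly under the release header; consider putting Security first here as well.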