yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-02-24 19:56:45 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update change log

Browse source
This commit is contained in:
Krzysztof Stachowiak 2018-03-20 14:10:15 +01:00
parent bc231cc9b0
commit c0b13f7f0c
1 changed files with 9 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
ChangeLog
View file

@ -17,6 +17,12 @@ Security
implementation allowed an offline 2^80 brute force attack on the implementation allowed an offline 2^80 brute force attack on the
HMAC key of a single, uninterrupted connection (with no HMAC key of a single, uninterrupted connection (with no
resumption of the session). resumption of the session).
* Fix buffer length assertion in the ssl_parse_certificate_request()
function which leads to an arbitrary overread of the message buffer. The
overreads could occur upon receiving a message malformed at the point
where an optional signature algorithms list is expected in the cases of
the signature algorithms section being too short. In the debug builds
the overread data is printed to the standard output.
Features Features
* Extend PKCS#8 interface by introducing support for the entire SHA * Extend PKCS#8 interface by introducing support for the entire SHA
@ -47,6 +53,9 @@ Bugfix
* Fix memory allocation corner cases in memory_buffer_alloc.c module. Found * Fix memory allocation corner cases in memory_buffer_alloc.c module. Found
by Guido Vranken. #639 by Guido Vranken. #639
* Log correct number of ciphersuites used in Client Hello message. #918 * Log correct number of ciphersuites used in Client Hello message. #918
* Fix buffer length assertions in the ssl_parse_certificate_request()
function which leads to a potential one byte overread of the message
buffer.
Changes Changes
* Fix tag lengths and value ranges in the documentation of CCM encryption. * Fix tag lengths and value ranges in the documentation of CCM encryption.