yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-01-09 15:35:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

Adapt ChangeLog

Browse source
This commit is contained in:
Hanno Becker 2017-10-19 09:13:35 +01:00
parent 0f49bbc1fc
commit cf873f74d4
1 changed files with 7 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
ChangeLog
View file

@ -2,6 +2,13 @@ mbed TLS ChangeLog (Sorted per branch, date)
= mbed TLS 2.1.x released xxxx-xx-xx = mbed TLS 2.1.x released xxxx-xx-xx
Security
* Make mbedtls_mpi_read_binary constant-time with respect to
the input data. Previously, trailing zero bytes were detected
and omitted for the sake of saving memory, but potentially
leading to slight timing differences.
Reported by Marco Macchetti, Kudelski Group.
Bugfix Bugfix
* Fix ssl_parse_record_header() to silently discard invalid DTLS records * Fix ssl_parse_record_header() to silently discard invalid DTLS records
as recommended in RFC 6347 Section 4.1.2.7. as recommended in RFC 6347 Section 4.1.2.7.