mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-10-18 12:21:04 +00:00
Adapt ChangeLog
This commit is contained in:
Hanno Becker
parent
0c161d1956
commit
dc71ef8fcc
|
|
@ -2,6 +2,13 @@ mbed TLS ChangeLog (Sorted per branch, date)
|
|||
|
||||
= mbed TLS x.x.x branch released xxxx-xx-xx
|
||||
|
||||
Security
|
||||
* Fix a flawed bounds check in server PSK hint parsing. In case the
|
||||
incoming message buffer was placed within the first 64KB of address
|
||||
space and a PSK-(EC)DHE ciphersuite was used, this allowed an attacker
|
||||
to trigger a memory access up to 64KB beyond the incoming message buffer,
|
||||
potentially leading to application crash or information disclosure.
|
||||
|
||||
Bugfix
|
||||
* Fix a bug in the update function for SSL ticket keys which previously
|
||||
invalidated keys of a lifetime of less than a 1s. Fixes #1968.
|
||||
|
|
|
|||
Loading…
Reference in a new issue