mirror of
https://git.suyu.dev/suyu/mbedtls.git
synced 2026-01-05 22:19:11 +01:00
Merge branch 'IOTSSL-621-PotentialIntegerOverflow' into development-restricted
* IOTSSL-621-PotentialIntegerOverflow: Add precision about exploitability in ChangeLog Add Changelog entry for current branch Included tests for the overflow
This commit is contained in:
Manuel Pégourié-Gonnard
commit
3c44760ae2
2 changed files with 9 additions and 2 deletions
|
|
@ -2,6 +2,11 @@ mbed TLS ChangeLog (Sorted per branch, date)
|
|||
|
||||
= mbed TLS 2.x branch
|
||||
|
||||
Security
|
||||
* Fix potential integer overflow to buffer overflow in
|
||||
mbedtls_rsa_rsaes_pkcs1_v15_encrypt and mbedtls_rsa_rsaes_oaep_encrypt
|
||||
(not triggerable remotely in (D)TLS).
|
||||
|
||||
Bugfix
|
||||
* Fix bug in mbedtls_mpi_add_mpi() that caused wrong results when the three
|
||||
arguments where the same (in-place doubling). Found and fixed by Janos
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue