mirror of
https://git.suyu.dev/suyu/mbedtls.git
synced 2026-01-08 15:39:22 +01:00
Fix incrementing pointer instead of value
This was introduced by a hasty search-and-replace that didn't account for C's operator precedence when changing those variables to pointer types.
This commit is contained in:
Manuel Pégourié-Gonnard
Manuel Pégourié-Gonnard
parent
39e2c0eeb6
commit
42b8194b53
2 changed files with 12 additions and 2 deletions
10
ChangeLog
10
ChangeLog
|
|
@ -1,5 +1,15 @@
|
|||
mbed TLS ChangeLog (Sorted per branch, date)
|
||||
|
||||
= mbed TLS 2.16.5 branch released xxxx-xx-xx
|
||||
|
||||
Security
|
||||
* Fix potential memory overread when performing an ECDSA signature
|
||||
operation. The overread only happens with cryptographically low
|
||||
probability (of the order of 2^-n where n is the bitsize of the curve)
|
||||
unless the RNG is broken, and could result in information disclosure or
|
||||
denial of service (application crash or extra resource consumption).
|
||||
Reported by Peter and Auke (found using static analysis).
|
||||
|
||||
= mbed TLS 2.16.4 branch released 2020-01-15
|
||||
|
||||
Security
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue