Fix potential timing issue in RSA pms handling

This commit is contained in:
Manuel Pégourié-Gonnard 2015-02-06 10:30:58 +00:00
parent 555fbf8758
commit 6674cce892
2 changed files with 41 additions and 18 deletions

@ -18,6 +18,9 @@ Security
* Fix potential stack overflow while parsing crafted X.509 certificates
(TLS server is not affected if it doesn't ask for a client certificate)
(found using Codenomicon Defensics).
* Fix timing difference that could theoretically lead to a
Bleichenbacher-style attack in the RSA and RSA-PSK key exchanges
(reported by Sebastian Schinzel).
Features
* Add support for FALLBACK_SCSV (draft-ietf-tls-downgrade-scsv).
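Review bot: the new Security entry (the three added lines starting "Fix timing difference that could theoretically lead to a Bleichenbacher-style attack") states the affected key exchanges (RSA and RSA-PSK) and the reporter, but not what the fix actually changes; since the commit touches a second file that is not shown in this hunk and the commit title only says "RSA pms handling", consider adding a short phrase such as "(premaster secret is now processed in constant time regardless of padding validity)" so the ChangeLog entry is self-explanatory for readers deciding whether to upgrade. Also consider wording consistently with the title: the title says "potential timing issue" while the entry says "could theoretically lead to"; pick one phrasing for both so the severity reads the same in release notes and history.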