Merge fix for AEAD Random IVs

Simon Butcher 2016-10-14 00:48:33 +01:00
parent 9800a058ae
commit 8e00410402
5 changed files with 39 additions and 31 deletions

@ -3,6 +3,10 @@ mbed TLS ChangeLog (Sorted per branch, date)
= mbed TLS 2.3.x branch released 2016-xx-xx
Security
* Remove MBEDTLS_SSL_AEAD_RANDOM_IV option, because it was not compliant
with RFC5116 and could lead to session key recovery in very long TLS
sessions. (H. Bock, A. Zauner, S. Devlin, J. Somorovsky, P. Jovanovic -
"Nonce-Disrespecting Adversaries Practical Forgery Attacks on GCM in TLS")
* Fix potential stack corruption in mbedtls_x509write_crt_der() and
mbedtls_x509write_csr_der() when the signature is copied to the buffer
without checking whether there is enough space in the destination. The
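Review bot: the impact statement in the first entry does not match the work it cites. It says the option "could lead to session key recovery", but the cited paper, named in the same entry as "Practical Forgery Attacks on GCM in TLS", describes forgery via nonce reuse, which exposes the GCM authentication subkey (the GHASH key), not the TLS session key. Suggest rewording to something like "could allow record forgery (authentication key recovery) in very long TLS sessions", and restoring the colon in the paper title ("Nonce-Disrespecting Adversaries: Practical Forgery Attacks on GCM in TLS") so the reference is searchable.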