Suyu/mbedtls
1
0
Fork 0
mirror of https://git.suyu.dev/suyu/mbedtls.git synced 2026-01-03 13:15:42 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fix possible buffer overflow with PSK

Browse source
This commit is contained in:
Manuel Pégourié-Gonnard 2014-03-25 16:28:12 +01:00 committed by Paul Bakker
parent fdddac90a6
commit b2bf5a1bbb
3 changed files with 14 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

3
ChangeLog
View file

@ -25,10 +25,11 @@ Changes
Security
* Forbid change of server certificate during renegotiation to prevent
"triple handshake" attack when authentication mode is optional (the
"triple handshake" attack when authentication mode is 'optional' (the
attack was already impossible when authentication is required).
* Check notBefore timestamp of certificates and CRLs from the future.
* Forbid sequence number wrapping
* Fix possible buffer overflow with overlong PSK
Bugfix
* ecp_gen_keypair() does more tries to prevent failure because of