Suyu/mbedtls
1
0
Fork 0
mirror of https://git.suyu.dev/suyu/mbedtls.git synced 2026-01-05 22:19:11 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge fix for IOTSSL-474 PKCS12 Overflow

Browse source 
Fix stack buffer overflow in PKCS12
This commit is contained in:
Simon Butcher 2015-10-04 22:47:59 +01:00
commit d5ba4672b2
2 changed files with 12 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

5
ChangeLog
View file

@ -4,10 +4,13 @@ mbed TLS ChangeLog (Sorted per branch, date)
Security
* Added fix for CVE-2015-xxxxx to prevent heap corruption due to buffer
overflow of the hostname or session ticket. (Found by Guido Vranken).
overflow of the hostname or session ticket. Found by Guido Vranken.
* Fix potential double-free if mbedtls_ssl_set_hs_psk() is called more than
once in the same handhake and mbedtls_ssl_conf_psk() was used.
Found and patch provided by Guido Vranken. Cannot be forced remotely.
* Fix stack buffer overflow in pkcs12 decryption (used by
mbedtls_pk_parse_key(file)() when the password is > 129 bytes.
Found by Guido Vranken. Not triggerable remotely.
Changes
* Added checking of hostname length in mbedtls_ssl_set_hostname() to ensure