Update ChangeLog
This commit is contained in:
parent
1df4923eb1
commit
004198adb3
1 changed files with 5 additions and 3 deletions
|
@ -9,14 +9,16 @@ Security
|
||||||
corrupt 6 bytes on the peer's heap, potentially leading to crash or
|
corrupt 6 bytes on the peer's heap, potentially leading to crash or
|
||||||
remote code execution. This can be triggered remotely from either
|
remote code execution. This can be triggered remotely from either
|
||||||
side in both TLS and DTLS.
|
side in both TLS and DTLS.
|
||||||
|
* Fix implementation of truncated HMAC extension leading to
|
||||||
|
compatibility problems with non Mbed TLS peers and allowing
|
||||||
|
an offline 2^80 brute force attack on the HMAC key of a single,
|
||||||
|
uninterrupted (excluding session resumption) connection.
|
||||||
|
Found by Andreas Walz.
|
||||||
|
|
||||||
Features
|
Features
|
||||||
* Allow comments in test data files.
|
* Allow comments in test data files.
|
||||||
|
|
||||||
Bugfix
|
Bugfix
|
||||||
* Fix wrong implementation of truncated HMAC extension leading to
|
|
||||||
compatibility problems with peers not running Mbed TLS. Found by
|
|
||||||
Andreas Walz.
|
|
||||||
* Fix ssl_parse_record_header() to silently discard invalid DTLS records
|
* Fix ssl_parse_record_header() to silently discard invalid DTLS records
|
||||||
as recommended in RFC 6347 Section 4.1.2.7.
|
as recommended in RFC 6347 Section 4.1.2.7.
|
||||||
* Fix memory leak in mbedtls_ssl_set_hostname() when called multiple times.
|
* Fix memory leak in mbedtls_ssl_set_hostname() when called multiple times.
|
||||||
|
|
Loading…
Reference in a new issue