Add ChangeLog entry for modular exponentiation size limit
Signed-off-by: Chris Jones <christopher.jones@arm.com>
This commit is contained in:
parent
0c5875fd0c
commit
16187a21be
1 changed files with 4 additions and 0 deletions
|
@ -0,0 +1,4 @@
|
|||
Security
|
||||
* Limit the size of calculations performed by mbedtls_mpi_exp_mod to
|
||||
MBEDTLS_MPI_MAX_SIZE to prevent a potential denial of service when
|
||||
generating Diffie-Hellman key pairs. Credit to OSS-Fuzz.
|
Loading…
Reference in a new issue