Improve Changelog
parent
90651914a9
commit
5a1c0e7162
1 changed files with 35 additions and 22 deletions
57
ChangeLog
|
@ -17,39 +17,45 @@ Security
|
||||||
potential Bleichenbacher/BERserk-style attack.
|
potential Bleichenbacher/BERserk-style attack.
|
||||||
|
|
||||||
Bugfix
|
Bugfix
|
||||||
* Remove invalid use of size zero arrays in ECJPAKE test suite.
|
* Remove size zero arrays from ECJPAKE test suite. Size zero arrays are not
|
||||||
|
valid C and they prevented the test from compiling in Visual Studio 2015
|
||||||
|
and with GCC using the -Wpedantic compilation option.
|
||||||
* Fix insufficient support for signature-hash-algorithm extension,
|
* Fix insufficient support for signature-hash-algorithm extension,
|
||||||
resulting in compatibility problems with Chrome. Found by hfloyrd. #823
|
resulting in compatibility problems with Chrome. Found by hfloyrd. #823
|
||||||
* If sending a fatal alert fails, make sure not to hide the error
|
* Fix behaviour that hid the original cause of fatal alerts in some cases
|
||||||
|
when sending the alert failed. The fix makes sure not to hide the error
|
||||||
that triggered the alert.
|
that triggered the alert.
|
||||||
* In SSLv3, if refusing a renegotiation attempt, don't process any further
|
* Fix SSLv3 renegotiation behaviour and stop processing data received from
|
||||||
data.
|
peer after sending a fatal alert to refuse a renegotiation attempt.
|
||||||
|
Previous behaviour was to keep processing data even after the alert has
|
||||||
|
been sent.
|
||||||
* Accept empty trusted CA chain in authentication mode
|
* Accept empty trusted CA chain in authentication mode
|
||||||
MBEDTLS_SSL_VERIFY_OPTIONAL.
|
MBEDTLS_SSL_VERIFY_OPTIONAL.
|
||||||
Fixes #864. Found by jethrogb.
|
Found by jethrogb. #864
|
||||||
* Fix implementation of mbedtls_ssl_parse_certificate
|
* Fix implementation of mbedtls_ssl_parse_certificate() to not annihilate
|
||||||
to not annihilate fatal errors in authentication mode
|
fatal errors in authentication mode MBEDTLS_SSL_VERIFY_OPTIONAL and to
|
||||||
MBEDTLS_SSL_VERIFY_OPTIONAL and to reflect bad EC curves
|
reflect bad EC curves within verification result.
|
||||||
within verification result.
|
* Fix bug that caused the modular inversion function to accept the invalid
|
||||||
* Fix modular inversion function on invalid modulus 1.
|
modulus 1 and therefore to hang. Found by blaufish. #641.
|
||||||
Found by blaufish. Fixes #641.
|
* Fix incorrect sign computation in modular exponentiation when the base is
|
||||||
* Fix incorrect sign computation in modular exponentiation
|
a negative MPI. Previously the result was always negative. Found by Guido
|
||||||
when dealing with negative MPI. Found by Guido Vranken.
|
Vranken.
|
||||||
* Fix potential stack underflow in mpi_read_file.
|
* Fix a numerical underflow leading to stack overflow in mpi_read_file()
|
||||||
Found by Guido Vranken.
|
that was triggered uppon reading an empty line. Found by Guido Vranken.
|
||||||
|
|
||||||
Changes
|
Changes
|
||||||
* Send fatal alerts in many more cases instead of dropping the connection.
|
* Send fatal alerts in more cases. The previous behaviour was to skip
|
||||||
|
sending the fatal alert and just drop the connection.
|
||||||
* Clarify ECDSA documentation and improve the sample code to avoid
|
* Clarify ECDSA documentation and improve the sample code to avoid
|
||||||
misunderstandings and potentially dangerous use of the API. Pointed out
|
misunderstanding and potentially dangerous use of the API. Pointed out
|
||||||
by Jean-Philippe Aumasson.
|
by Jean-Philippe Aumasson.
|
||||||
|
|
||||||
= mbed TLS 2.5.0 branch released 2017-05-17
|
= mbed TLS 2.5.0 branch released 2017-05-17
|
||||||
|
|
||||||
Security
|
Security
|
||||||
* Wipe stack buffers in RSA private key operations
|
* Wipe stack buffers in RSA private key operations
|
||||||
(rsa_rsaes_pkcs1_v15_decrypt(), rsa_rsaes_oaep_decrypt).
|
(rsa_rsaes_pkcs1_v15_decrypt(), rsa_rsaes_oaep_decrypt). Found by Laurent
|
||||||
Found by Laurent Simon.
|
Simon.
|
||||||
* Add exponent blinding to RSA private operations as a countermeasure
|
* Add exponent blinding to RSA private operations as a countermeasure
|
||||||
against side-channel attacks like the cache attack described in
|
against side-channel attacks like the cache attack described in
|
||||||
https://arxiv.org/abs/1702.08719v2.
|
https://arxiv.org/abs/1702.08719v2.
|
||||||
|
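Review bot: Typo in the new mpi_read_file() entry at the end of the Bugfix section: "uppon" should be "upon". Two more wording points in this hunk: the same entry changes the description from "potential stack underflow" to "a numerical underflow leading to stack overflow", which are different failure modes, so please confirm against the fix that the new wording is the accurate one; and in the SSLv3 renegotiation entry, "even after the alert has been sent" reads better as "had been sent". Minor consistency: the modular inversion entry ends with "#641." while the other entries give the issue number without a trailing period ("#823", "#864"), and in the 2.5.0 Security entry the function list mixes "rsa_rsaes_pkcs1_v15_decrypt()" with "rsa_rsaes_oaep_decrypt" without parentheses, whereas elsewhere in this file functions are written as "mbedtls_ssl_parse_certificate()".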
@ -57,8 +63,10 @@ Security
|
||||||
Clémentine Maurice and Stefan Mangard.
|
Clémentine Maurice and Stefan Mangard.
|
||||||
|
|
||||||
Features
|
Features
|
||||||
* Exposed parts of the Elliptic Curve Point internal interface, to provide
|
* Add hardware acceleration support for the Elliptic Curve Point module.
|
||||||
interface for external hardware acceleration code.
|
This involved exposing parts of the internal interface to enable
|
||||||
|
replacing the core functions and adding and alternative, module level
|
||||||
|
replacement support for enabling the extension of the interface.
|
||||||
* Add a new configuration option to 'mbedtls_ssl_config' to enable
|
* Add a new configuration option to 'mbedtls_ssl_config' to enable
|
||||||
suppressing the CA list in Certificate Request messages. The default
|
suppressing the CA list in Certificate Request messages. The default
|
||||||
behaviour has not changed, namely every configured CAs name is included.
|
behaviour has not changed, namely every configured CAs name is included.
|
||||||
|
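Review bot: Typo and unclear wording in the new ECP hardware acceleration entry: "adding and alternative, module level replacement support for enabling the extension of the interface" should read "an alternative", and the sentence as a whole is hard to follow; suggest something like "This involved exposing parts of the internal interface so that the core functions can be replaced, and adding an alternative, module-level replacement mechanism to allow the interface to be extended." Unchanged context in the Certificate Request entry also has "every configured CAs name", which should be "every configured CA's name".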
@ -74,7 +82,12 @@ API Changes
|
||||||
Bugfix
|
Bugfix
|
||||||
* Remove macros from compat-1.3.h that correspond to deleted items from most
|
* Remove macros from compat-1.3.h that correspond to deleted items from most
|
||||||
recent versions of the library. Found by Kyle Keen.
|
recent versions of the library. Found by Kyle Keen.
|
||||||
* Fixed issue in mutexes to failing to initialise. #667
|
* Fixed issue in the Threading module that prevented mutexes from
|
||||||
|
initialising. Found by sznaider. #667 #843
|
||||||
|
* Add checks in the PK module for the RSA functions on 64-bit systems.
|
||||||
|
The PK and RSA modules use different types for passing hash length and
|
||||||
|
without these checks the type cast could lead to data loss. Found by Guido
|
||||||
|
Vranken.
|
||||||
|
|
||||||
= mbed TLS 2.4.2 branch released 2017-03-08
|
= mbed TLS 2.4.2 branch released 2017-03-08
|
||||||
|
|
||||||
|
|
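Review bot: The rewritten mutex entry keeps "Fixed issue ..." while every other entry in this file uses the imperative ("Fix ...", "Add ...", "Remove ..."); suggest "Fix issue in the Threading module that prevented mutexes from initialising." In the new PK/RSA entry, "the type cast could lead to data loss" is vague for a check on hash length handling: if what can be lost is the hash length value itself when it is cast between the two types, say so (for example "the hash length could be truncated by the cast"), and add a comma before "and without these checks". Since that entry describes a length value being silently altered on 64-bit systems, consider whether it belongs under Security rather than Bugfix.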