Changed attribution for Guido Vranken
This commit is contained in:
parent
6418ffaadb
commit
c48b66bfb6
1 changed files with 15 additions and 17 deletions
32
ChangeLog
32
ChangeLog
|
@ -4,22 +4,27 @@ mbed TLS ChangeLog (Sorted per branch, date)
|
|||
|
||||
Security
|
||||
* Added fix for CVE-2015-xxxxx to prevent heap corruption due to buffer
|
||||
overflow of the hostname or session ticket. Found by Guido Vranken.
|
||||
overflow of the hostname or session ticket. Found by Guido Vranken,
|
||||
Intelworks.
|
||||
* Fix potential double-free if mbedtls_ssl_set_hs_psk() is called more than
|
||||
once in the same handhake and mbedtls_ssl_conf_psk() was used.
|
||||
Found and patch provided by Guido Vranken. Cannot be forced remotely.
|
||||
Found and patch provided by Guido Vranken, Intelworks. Cannot be forced
|
||||
remotely.
|
||||
* Fix stack buffer overflow in pkcs12 decryption (used by
|
||||
mbedtls_pk_parse_key(file)() when the password is > 129 bytes.
|
||||
Found by Guido Vranken. Not triggerable remotely.
|
||||
Found by Guido Vranken, Intelworks. Not triggerable remotely.
|
||||
* Fix potential buffer overflow in mbedtls_mpi_read_string().
|
||||
Found by Guido Vranken. Not exploitable remotely in the context of TLS,
|
||||
but might be in other uses. On 32 bit machines, requires reading a string
|
||||
of close to or larger than 1GB to exploit; on 64 bit machines, would require
|
||||
reading a string of close to or larger than 2^62 bytes.
|
||||
Found by Guido Vranken, Intelworks. Not exploitable remotely in the context
|
||||
of TLS, but might be in other uses. On 32 bit machines, requires reading a
|
||||
string of close to or larger than 1GB to exploit; on 64 bit machines, would
|
||||
require reading a string of close to or larger than 2^62 bytes.
|
||||
* Fix potential random memory allocation in mbedtls_pem_read_buffer()
|
||||
on crafted PEM input data. Found an fix provided by Guid Vranken.
|
||||
Not triggerable remotely in TLS. Triggerable remotely if you accept PEM
|
||||
data from an untrusted source.
|
||||
on crafted PEM input data. Found and fix provided by Guido Vranken,
|
||||
Intelworks. Not triggerable remotely in TLS. Triggerable remotely if you
|
||||
accept PEM data from an untrusted source.
|
||||
* Fix possible heap buffer overflow in base64_encoded() when the input
|
||||
buffer is 512MB or larger on 32-bit platforms. Found by Guido Vranken,
|
||||
Intelworks. Not trigerrable remotely in TLS.
|
||||
|
||||
Changes
|
||||
* Added checking of hostname length in mbedtls_ssl_set_hostname() to ensure
|
||||
|
@ -29,13 +34,6 @@ Changes
|
|||
|
||||
= mbed TLS 2.1.1 released 2015-09-17
|
||||
|
||||
Security
|
||||
* Fix possible heap buffer overflow in base64_encoded() when the input
|
||||
buffer is 512MB or larger on 32-bit platforms.
|
||||
Found by Guido Vranken. Not trigerrable remotely in TLS.
|
||||
|
||||
= mbed TLS 2.1.1 released 2015-09-17
|
||||
|
||||
Security
|
||||
* Add countermeasure against Lenstra's RSA-CRT attack for PKCS#1 v1.5
|
||||
signatures. (Found by Florian Weimer, Red Hat.)
|
||||
|
|
Loading…
Reference in a new issue