Changed attribution for Guido Vranken

This commit is contained in:
Simon Butcher 2015-10-05 10:18:17 +01:00
parent 6418ffaadb
commit c48b66bfb6

View file

@ -4,22 +4,27 @@ mbed TLS ChangeLog (Sorted per branch, date)
Security
* Added fix for CVE-2015-xxxxx to prevent heap corruption due to buffer
overflow of the hostname or session ticket. Found by Guido Vranken.
overflow of the hostname or session ticket. Found by Guido Vranken,
Intelworks.
* Fix potential double-free if mbedtls_ssl_set_hs_psk() is called more than
once in the same handhake and mbedtls_ssl_conf_psk() was used.
Found and patch provided by Guido Vranken. Cannot be forced remotely.
Found and patch provided by Guido Vranken, Intelworks. Cannot be forced
remotely.
* Fix stack buffer overflow in pkcs12 decryption (used by
mbedtls_pk_parse_key(file)() when the password is > 129 bytes.
Found by Guido Vranken. Not triggerable remotely.
Found by Guido Vranken, Intelworks. Not triggerable remotely.
* Fix potential buffer overflow in mbedtls_mpi_read_string().
Found by Guido Vranken. Not exploitable remotely in the context of TLS,
but might be in other uses. On 32 bit machines, requires reading a string
of close to or larger than 1GB to exploit; on 64 bit machines, would require
reading a string of close to or larger than 2^62 bytes.
Found by Guido Vranken, Intelworks. Not exploitable remotely in the context
of TLS, but might be in other uses. On 32 bit machines, requires reading a
string of close to or larger than 1GB to exploit; on 64 bit machines, would
require reading a string of close to or larger than 2^62 bytes.
* Fix potential random memory allocation in mbedtls_pem_read_buffer()
on crafted PEM input data. Found an fix provided by Guid Vranken.
Not triggerable remotely in TLS. Triggerable remotely if you accept PEM
data from an untrusted source.
on crafted PEM input data. Found and fix provided by Guido Vranken,
Intelworks. Not triggerable remotely in TLS. Triggerable remotely if you
accept PEM data from an untrusted source.
* Fix possible heap buffer overflow in base64_encoded() when the input
buffer is 512MB or larger on 32-bit platforms. Found by Guido Vranken,
Intelworks. Not trigerrable remotely in TLS.
Changes
* Added checking of hostname length in mbedtls_ssl_set_hostname() to ensure
@ -29,13 +34,6 @@ Changes
= mbed TLS 2.1.1 released 2015-09-17
Security
* Fix possible heap buffer overflow in base64_encoded() when the input
buffer is 512MB or larger on 32-bit platforms.
Found by Guido Vranken. Not trigerrable remotely in TLS.
= mbed TLS 2.1.1 released 2015-09-17
Security
* Add countermeasure against Lenstra's RSA-CRT attack for PKCS#1 v1.5
signatures. (Found by Florian Weimer, Red Hat.)