diff options
author | Gilles Peskine <Gilles.Peskine@arm.com> | 2023-10-02 15:36:58 +0200 |
---|---|---|
committer | Gilles Peskine <Gilles.Peskine@arm.com> | 2023-10-02 15:38:51 +0200 |
commit | 6dd5b9a60c2d6f483c30f9b010f663dd63394451 (patch) | |
tree | e497fbe6d8debd7f4ede610d241bb846e05c2d6b | |
parent | b782415e1bd6df03543223e1c653641d9dcd946a (diff) | |
download | mbedtls-6dd5b9a60c2d6f483c30f9b010f663dd63394451.tar.gz |
In TLS 1.2, only servers are affected
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
-rw-r--r-- | ChangeLog.d/xxx_psa_peerkey.txt | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/ChangeLog.d/xxx_psa_peerkey.txt b/ChangeLog.d/xxx_psa_peerkey.txt index 1ba151000..d25e4ecbf 100644 --- a/ChangeLog.d/xxx_psa_peerkey.txt +++ b/ChangeLog.d/xxx_psa_peerkey.txt @@ -1,6 +1,8 @@ Security * Fix a remotely exploitable heap buffer overflow in TLS handshake parsing. - In TLS 1.3, all configurations are affected except PSK-only ones. + In TLS 1.3, all configurations are affected except PSK-only ones, and + both clients and servers are affected. In TLS 1.2, the affected configurations are those with - MBEDTLS_USE_PSA_CRYPTO and ECDH enabled but DHM and RSA disabled. + MBEDTLS_USE_PSA_CRYPTO and ECDH enabled but DHM and RSA disabled, + and only servers are affected, not clients. Credit to OSS-Fuzz. |