author Dave Rodgman <dave.rodgman@arm.com> 2024-01-22 15:40:12 +0000
committer Dave Rodgman <dave.rodgman@arm.com> 2024-01-22 15:40:12 +0000
commit 6ba416968b0c14336141501b90ef9b34ec3a3eff (patch)
tree 6d083a84d123335d82cc10be6fa20e7140255b15
parent 0d57f1034e2ebd1b29e1adb8620b1f0b16b6fe80 (diff)
download mbedtls-6ba416968b0c14336141501b90ef9b34ec3a3eff.tar.gz
Assemble Changelog
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
-rw-r--r-- ChangeLog 15
-rw-r--r-- ChangeLog.d/fix-Marvin-attack.txt 8
-rw-r--r-- ChangeLog.d/fix_int_overflow_x509_extension 8
3 files changed, 15 insertions, 16 deletions
diff --git a/ChangeLog b/ChangeLog
index 28c45f718..28f2654b4 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,20 @@
Mbed TLS ChangeLog (Sorted per branch, date)
+= Mbed TLS 3.5.2 branch released 2024-01-26
+
+Security
+ * Fix a timing side channel in private key RSA operations. This side channel
+ could be sufficient for an attacker to recover the plaintext. A local
+ attacker or a remote attacker who is close to the victim on the network
+ might have precise enough timing measurements to exploit this. It requires
+ the attacker to send a large number of messages for decryption. For
+ details, see "Everlasting ROBOT: the Marvin Attack", Hubert Kario. Reported
+ by Hubert Kario, Red Hat.
+ * Fix a failure to validate input when writing x509 extensions lengths which
+ could result in an integer overflow, causing a zero-length buffer to be
+ allocated to hold the extension. The extension would then be copied into
+ the buffer, causing a heap buffer overflow.
+
= Mbed TLS 3.5.1 branch released 2023-11-06
Changes
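Review bot: Neither Security entry added under the 3.5.2 heading names the affected API, so a user cannot tell from the ChangeLog alone whether their code is exposed. The second entry ("writing x509 extensions lengths") should name the writing function or module and say that the length comes from caller-supplied extension data; the first says "private key RSA operations" but then describes only "messages for decryption", so it should state whether signing is affected as well. Minor wording: "x509 extensions lengths" reads better as "X.509 extension lengths". If identifiers have been assigned for these fixes, citing them in each entry would help downstream triage.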
diff --git a/ChangeLog.d/fix-Marvin-attack.txt b/ChangeLog.d/fix-Marvin-attack.txt
deleted file mode 100644
index 763533c25..000000000
--- a/ChangeLog.d/fix-Marvin-attack.txt
+++ /dev/null
@@ -1,8 +0,0 @@
-Security
- * Fix a timing side channel in private key RSA operations. This side channel
- could be sufficient for an attacker to recover the plaintext. A local
- attacker or a remote attacker who is close to the victim on the network
- might have precise enough timing measurements to exploit this. It requires
- the attacker to send a large number of messages for decryption. For
- details, see "Everlasting ROBOT: the Marvin Attack", Hubert Kario. Reported
- by Hubert Kario, Red Hat.
diff --git a/ChangeLog.d/fix_int_overflow_x509_extension b/ChangeLog.d/fix_int_overflow_x509_extension
deleted file mode 100644
index 2a679284f..000000000
--- a/ChangeLog.d/fix_int_overflow_x509_extension
+++ /dev/null
@@ -1,8 +0,0 @@
-Security
- * Fix a failure to validate input when writing x509 extensions lengths which
- could result in an integer overflow, causing a zero-length buffer to be
- allocated to hold the extension. The extension would then be copied into
- the buffer, causing a heap buffer overflow.
-
-
-
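Review bot: The fragment name ChangeLog.d/fix_int_overflow_x509_extension has no .txt suffix and uses underscores, unlike ChangeLog.d/fix-Marvin-attack.txt removed in this same commit, and its content ends in three blank lines (the last three removed lines). The text did reach ChangeLog here, but a consistent suffix and no trailing blank lines would make fragments easier to lint and harder to miss during release assembly; worth enforcing when fragments are reviewed.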