mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-03-31 10:20:45 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Update ChangeLog to make "fix" explicit

Browse Source 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
This commit is contained in:
Tom Cosgrove 2023-03-08 15:47:00 +00:00
parent ed7b5978cd
commit b3c6a1e04a
1 changed files with 15 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
ChangeLog
View File

@ -106,11 +106,11 @@ Security
* Fix potential heap buffer overread and overwrite in DTLS if * Fix potential heap buffer overread and overwrite in DTLS if
MBEDTLS_SSL_DTLS_CONNECTION_ID is enabled and MBEDTLS_SSL_DTLS_CONNECTION_ID is enabled and
MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX. MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX.
* An adversary with access to precise enough information about memory * Fix an issue where an adversary with access to precise enough information
accesses (typically, an untrusted operating system attacking a secure about memory accesses (typically, an untrusted operating system attacking
enclave) could recover an RSA private key after observing the victim a secure enclave) could recover an RSA private key after observing the
performing a single private-key operation if the window size used for the victim performing a single private-key operation if the window size used
exponentiation was 3 or smaller. Found and reported by Zili KOU, for the exponentiation was 3 or smaller. Found and reported by Zili KOU,
Wenjian HE, Sharad Sinha, and Wei ZHANG. See "Cache Side-channel Attacks Wenjian HE, Sharad Sinha, and Wei ZHANG. See "Cache Side-channel Attacks
and Defenses of the Sliding Window Algorithm in TEEs" - Design, Automation and Defenses of the Sliding Window Algorithm in TEEs" - Design, Automation
and Test in Europe 2023. and Test in Europe 2023.
@ -969,16 +969,17 @@ Security
signature, allowing the recovery of the private key after observing a signature, allowing the recovery of the private key after observing a
large number of signature operations. This completes a partial fix in large number of signature operations. This completes a partial fix in
Mbed TLS 2.20.0. Mbed TLS 2.20.0.
* An adversary with access to precise enough information about memory * Fix an issue where an adversary with access to precise enough information
accesses (typically, an untrusted operating system attacking a secure about memory accesses (typically, an untrusted operating system attacking
enclave) could recover an RSA private key after observing the victim a secure enclave) could recover an RSA private key after observing the
performing a single private-key operation. Found and reported by victim performing a single private-key operation. Found and reported by
Zili KOU, Wenjian HE, Sharad Sinha, and Wei ZHANG. Zili KOU, Wenjian HE, Sharad Sinha, and Wei ZHANG.
* An adversary with access to precise enough timing information (typically, a * Fix an issue where an adversary with access to precise enough timing
co-located process) could recover a Curve25519 or Curve448 static ECDH key information (typically, a co-located process) could recover a Curve25519
after inputting a chosen public key and observing the victim performing the or Curve448 static ECDH key after inputting a chosen public key and
corresponding private-key operation. Found and reported by Leila Batina, observing the victim performing the corresponding private-key operation.
Lukas Chmielewski, Björn Haase, Niels Samwel and Peter Schwabe. Found and reported by Leila Batina, Lukas Chmielewski, Björn Haase, Niels
Samwel and Peter Schwabe.
Bugfix Bugfix
* Fix premature fopen() call in mbedtls_entropy_write_seed_file which may * Fix premature fopen() call in mbedtls_entropy_write_seed_file which may