mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-04-18 14:42:24 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Modifies ChangeLog

Browse Source 
Corrects erroneous removal from ChangeLog.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
This commit is contained in:
Thomas Daubney 2021-06-18 11:50:56 +01:00
parent 379227cc59
commit d596e99d61
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
ChangeLog
View File

@ -1686,6 +1686,16 @@ Changes
= mbed TLS 2.8.0 branch released 2018-03-16 = mbed TLS 2.8.0 branch released 2018-03-16
Default behavior changes
* The truncated HMAC extension now conforms to RFC 6066. This means
that when both sides of a TLS connection negotiate the truncated
HMAC extension, Mbed TLS can now interoperate with other
compliant implementations, but this breaks interoperability with
prior versions of Mbed TLS. To restore the old behavior, enable
the (deprecated) option MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT in
config.h. Found by Andreas Walz (ivESK, Offenburg University of
Applied Sciences).
Security Security
* Fix implementation of the truncated HMAC extension. The previous * Fix implementation of the truncated HMAC extension. The previous
implementation allowed an offline 2^80 brute force attack on the implementation allowed an offline 2^80 brute force attack on the