From e298eeb739be318f44c8766ec8987461cc105a32 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 14 Oct 2024 11:03:24 +0200 Subject: [PATCH] Changelog entry for security fix Signed-off-by: Gilles Peskine --- ChangeLog.d/9690.txt | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 ChangeLog.d/9690.txt diff --git a/ChangeLog.d/9690.txt b/ChangeLog.d/9690.txt new file mode 100644 index 0000000000..8dda75cc7c --- /dev/null +++ b/ChangeLog.d/9690.txt @@ -0,0 +1,8 @@ +Security + * Fix a buffer underrun in mbedtls_pk_write_pubkey_der() when + called on an opaque key, MBEDTLS_USE_PSA_CRYPTO is enabled, + and the output buffer is smaller than the actual output. + Fix a related buffer underrun in mbedtls_pk_write_pubkey_pem() + when called on an opaque RSA key, MBEDTLS_USE_PSA_CRYPTO is enabled + and MBEDTLS_MPI_MAX_SIZE is smaller than needed for a 4096-bit RSA key. + CVE-2024-49195