mbedtls/ChangeLog.d/fix-overread-in-tls13-debug.txt
Janos Follath 0086f8626a Add changelog entry
PR7083 silently fixed a security vulnerability in public, this commit
adds a changelog entry for it.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2023-03-15 13:31:48 +00:00

4 lines
153 B
Plaintext

Security
* Fix a potential heap buffer overread in TLS 1.3 client-side when
MBEDTLS_DEBUG_C is enabled. This may result in an application crash.