Add ChangeLog entries for pk_parse_key() fixes

This commit is contained in:
Manuel Pégourié-Gonnard 2020-02-19 09:31:38 +01:00
parent 609d79ed8e
commit 08f06eb049

View File

@ -11,6 +11,11 @@ Security
Bugfix
* Fix an unchecked call to mbedtls_md() in the x509write module.
* Fix a bug in mbedtls_pk_parse_key() that would cause it to accept some
RSA keys that would later be rejected by functions expecting private
keys. Found by Catena cyber using oss-fuzz (issue 20467).
* Fix a bug in mbedtls_pk_parse_key() that would cause it to accept some
RSA keys with invalid values by silently fixing those values.
= mbed TLS 2.7.13 branch released 2020-01-15