Update ChangeLog for crypto changes from 799ae77f90

Add ChangeLog entries for changes brought by the submodule update in the previous commit.
2024-11-22 12:45:39 +01:00 · 2020-02-11 19:12:49 +01:00 · 2020-02-11 19:12:49 +01:00 · 25a5c09fbb
commit 25a5c09fbb
parent 799ae77f90
1 changed files with 7 additions and 0 deletions
--- a/7
+++ b/7
@ -17,6 +17,11 @@ Security
     unless the RNG is broken, and could result in information disclosure or
     denial of service (application crash or extra resource consumption).
     Found by Auke Zeilstra and Peter Schwabe, using static analysis.
+   * To avoid a side channel vulnerability when parsing an RSA private key,
+     read all the CRT parameters from the DER structure rather than
+     reconstructing them. Found by Alejandro Cabrera Aldaya and Billy Bob
+     Brumley. Reported and fix contributed by Jack Lloyd.
+     ARMmbed/mbed-crypto#352

 Features
   * The new build option MBEDTLS_SHA512_NO_SHA384 allows building SHA-512
@ -37,6 +42,8 @@ Bugfix
     Jack Lloyd in #2859. Fix submitted by jiblime in #2963.
   * Fix some false-positive uninitialized variable warnings in X.509. Fix
     contributed by apple-ihack-geek in #2663.
+   * Fix a possible error code mangling in psa_mac_verify_finish() when
+     a cryptographic accelerator fails. ARMmbed/mbed-crypto#345

 = mbed TLS 2.20.0 branch released 2020-01-15