yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-22 22:25:47 +01:00
Code Issues Packages Projects Releases Wiki Activity

Refined credits in ChangeLog for fuzzing issue

Browse Source 
Changed GDS to Gotham Digital Science
This commit is contained in:
Simon Butcher 2015-09-22 10:26:12 +01:00
parent a7975dcf9a
commit 2cf9696785
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
ChangeLog
View File

@ -5,7 +5,8 @@ PolarSSL ChangeLog
Security Security
* Fix possible client-side NULL pointer dereference (read) when the client * Fix possible client-side NULL pointer dereference (read) when the client
tries to continue the handshake after it failed (a misuse of the API). tries to continue the handshake after it failed (a misuse of the API).
(Found by GDS Labs using afl-fuzz.) (Found and patch provided by Fabian Foerg, Gotham Digital Science using
afl-fuzz.)
* Add countermeasure against Lenstra's RSA-CRT attack for PKCS#1 v1.5 * Add countermeasure against Lenstra's RSA-CRT attack for PKCS#1 v1.5
signatures. (Found by Florian Weimer, Red Hat.) signatures. (Found by Florian Weimer, Red Hat.)
https://securityblog.redhat.com/2015/09/02/factoring-rsa-keys-with-tls-perfect-forward-secrecy/ https://securityblog.redhat.com/2015/09/02/factoring-rsa-keys-with-tls-perfect-forward-secrecy/