Fix merge errors in ChangeLog

This commit is contained in:
Simon Butcher 2017-07-26 17:25:55 +01:00
parent 2e65a54d5a
commit 5deb518d05

View File

@ -2,22 +2,6 @@ mbed TLS ChangeLog (Sorted per branch, date)
= mbed TLS x.x.x branch released xxxx-xx-xx = mbed TLS x.x.x branch released xxxx-xx-xx
Bugfix
* Add a check if iv_len is zero, and return an error if it is zero. reported
by roberto. #716
* Replace preproccessor condition from #if defined(MBEDTLS_THREADING_PTHREAD)
to #if defined(MBEDTLS_THREADING_C) as the library cannot assume they will
always be implemented by pthread support. Fix for #696
* Fix resource leak on windows platform, in mbedtls_x509_crt_parse_path.
In case of failure, when an error occures, goto cleanup.
Found by redplait #590
* Add MBEDTLS_MPI_CHK to check for error value of mbedtls_mpi_fill_random.
Reported and fix suggested by guidovranken in #740
* Fix a potential integer overflow in the version verification for DER
encoded X509 CRLs. The overflow would enable maliciously constructed CRLs
to bypass the version verification check. Found by Peng Li/Yueh-Hsun Lin,
KNOX Security, Samsung Research America
Features Features
* Add the functions mbedtls_platform_setup() and mbedtls_platform_teardown() * Add the functions mbedtls_platform_setup() and mbedtls_platform_teardown()
and the context struct mbedtls_platform_context to perform and the context struct mbedtls_platform_context to perform
@ -46,10 +30,17 @@ Bugfix
Reported and fix suggested by guidovranken in #740 Reported and fix suggested by guidovranken in #740
* Fix conditional preprocessor directives in bignum.h to enable 64-bit * Fix conditional preprocessor directives in bignum.h to enable 64-bit
compilation when using ARM Compiler 6. compilation when using ARM Compiler 6.
* Fix a potential integer overflow in the version verification for DER
encoded X509 CRLs. The overflow would enable maliciously constructed CRLs
to bypass the version verification check. Found by Peng Li/Yueh-Hsun Lin,
KNOX Security, Samsung Research America
* Fix potential integer overflow in the version verification for DER * Fix potential integer overflow in the version verification for DER
encoded X509 CSRs. The overflow would enable maliciously constructed CSRs encoded X509 CSRs. The overflow would enable maliciously constructed CSRs
to bypass the version verification check. Found by Peng Li/Yueh-Hsun Lin, to bypass the version verification check. Found by Peng Li/Yueh-Hsun Lin,
KNOX Security, Samsung Research America KNOX Security, Samsung Research America
* Fix a potential integer overflow in the version verification for DER
encoded X509 certificates. The overflow would enable maliciously
constructed certificates to bypass the certificate verification check.
Security Security
* Fix authentication bypass in SSL/TLS: when auth_mode is set to optional, * Fix authentication bypass in SSL/TLS: when auth_mode is set to optional,
@ -232,9 +223,6 @@ Bugfix
digits. Found and fixed by Guido Vranken. digits. Found and fixed by Guido Vranken.
* Fix unlisted DES configuration dependency in some pkparse test cases. Found * Fix unlisted DES configuration dependency in some pkparse test cases. Found
by inestlerode. #555 by inestlerode. #555
* Fix a potential integer overflow in the version verification for DER
encoded X509 certificates. The overflow would enable maliciously
constructed certificates to bypass the certificate verification check.
= mbed TLS 2.4.1 branch released 2016-12-13 = mbed TLS 2.4.1 branch released 2016-12-13