yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-22 11:15:43 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add changelog entry for mbedtls_ecdh_get_params robustness

Browse Source
This commit is contained in:
Gilles Peskine 2018-11-07 22:39:16 +01:00
parent b47045a18e
commit 661610c8e0
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
ChangeLog
View File

@ -2,6 +2,14 @@ mbed TLS ChangeLog (Sorted per branch, date)
= mbed TLS 2.x.x branch released xxxx-xx-xx = mbed TLS 2.x.x branch released xxxx-xx-xx
Security
* Make mbedtls_ecdh_get_params return an error if the second key
belongs to a different group from the first. Before, if an application
passed keys that belonged to different group, the first key's data was
interpreted according to the second group, which could lead to either
an error or a meaningless output from mbedtls_ecdh_get_params. In the
latter case, this could expose at most 5 bits of the private key.
Bugfix Bugfix
* Fix a compilation issue with mbedtls_ecp_restart_ctx not being defined * Fix a compilation issue with mbedtls_ecp_restart_ctx not being defined
when MBEDTLS_ECP_ALT is defined. Reported by jwhui. Fixes #2242. when MBEDTLS_ECP_ALT is defined. Reported by jwhui. Fixes #2242.