mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-22 11:25:42 +01:00
Adapt ChangeLog
This commit is contained in:
parent
0b7b83fd91
commit
930025da6d
12
ChangeLog
12
ChangeLog
@ -1,5 +1,17 @@
|
|||||||
mbed TLS ChangeLog (Sorted per branch, date)
|
mbed TLS ChangeLog (Sorted per branch, date)
|
||||||
|
|
||||||
|
= mbed TLS x.x.x branch released xxxx-xx-xx
|
||||||
|
|
||||||
|
Security
|
||||||
|
* Fix a potential heap buffer overflow in mbedtls_ssl_write. When the (by
|
||||||
|
default enabled) maximum fragment length extension is disabled in the
|
||||||
|
config and the application data buffer passed to mbedtls_ssl_write
|
||||||
|
is larger than the internal message buffer (16384 bytes by default), the
|
||||||
|
latter overflows. The exploitability of this issue depends on whether the
|
||||||
|
application layer can be forced into sending such large packets. The issue
|
||||||
|
was independently reported by Tim Nordell via e-mail and by Florin Petriuc
|
||||||
|
and sjorsdewit on GitHub. Fix proposed by Florin Petriuc in #1022. Fixes #707.
|
||||||
|
|
||||||
= mbed TLS 2.6.0 branch released 2017-08-10
|
= mbed TLS 2.6.0 branch released 2017-08-10
|
||||||
|
|
||||||
Security
|
Security
|
||||||
|
Loading…
Reference in New Issue
Block a user