mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-26 21:05:37 +01:00
Parse HelloVerifyRequest buffer overread: add changelog entry
This commit is contained in:
parent
2414ce1a5e
commit
99258ff315
@ -7,6 +7,8 @@ Security
|
||||
during certificate extensions parsing. In case of receiving malformed
|
||||
input (extensions length field equal to 0), an illegal read of one byte
|
||||
beyond the input buffer is made. Found and analyzed by Nathan Crandall.
|
||||
* Fix a potentially remotely exploitable buffer overread in a
|
||||
DTLS client when parsing the Hello Verify Request message.
|
||||
|
||||
Bugfix
|
||||
* Fix a potential memory leak in mbedtls_ssl_setup() function. An allocation
|
||||
|
Loading…
Reference in New Issue
Block a user