From b09c5721f57d6988ec4a1dadeac7e6cc6ca65b9c Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 20 Nov 2017 10:43:35 +0000 Subject: [PATCH] Adapt ChangeLog --- ChangeLog | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/ChangeLog b/ChangeLog index 1b01eb682..e5ba2139b 100644 --- a/ChangeLog +++ b/ChangeLog @@ -3,6 +3,14 @@ mbed TLS ChangeLog (Sorted per branch, date) = mbed TLS 2.1.10 branch released 2017-xx-xx +Security + * Fix heap corruption in implementation of truncated HMAC extension. + When the truncated HMAC extension is enabled and CBC is used, + sending a malicious application packet can be used to selectively + corrupt 6 bytes on the peer's heap, potentially leading to crash or + remote code execution. This can be triggered remotely from either + side in both TLS and DTLS. + Bugfix * Fix ssl_parse_record_header() to silently discard invalid DTLS records as recommended in RFC 6347 Section 4.1.2.7.