mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-26 11:25:38 +01:00
Generalize MAC zeroization changelog entry
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
parent
8c99a760d5
commit
d61551c017
6
ChangeLog.d/mac-zeroize.txt
Normal file
6
ChangeLog.d/mac-zeroize.txt
Normal file
@ -0,0 +1,6 @@
|
||||
Security
|
||||
* Zeroize several intermediate variables used to calculate the expected
|
||||
value when verifying a MAC or AEAD tag. This hardens the library in
|
||||
case the value leaks through a memory disclosure vulnerability. For
|
||||
example, a memory disclosure vulnerability could have allowed a
|
||||
man-in-the-middle to inject fake ciphertext into a DTLS connection.
|
@ -1,5 +0,0 @@
|
||||
Security
|
||||
* Zeroize intermediate variables used to calculate the MAC in CBC cipher
|
||||
suites. This hardens the library in case stack memory leaks through a
|
||||
memory disclosure vulnerabilty, which could formerly have allowed a
|
||||
man-in-the-middle to inject fake ciphertext into a DTLS connection.
|
Loading…
Reference in New Issue
Block a user