yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-22 18:15:40 +01:00
Code Issues Packages Projects Releases Wiki Activity

Minor Changelog updates & fixes

Browse Source 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
This commit is contained in:
Dave Rodgman 2021-12-15 11:52:54 +00:00
parent 0798a827c8
commit f00d9a2340
1 changed files with 15 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
ChangeLog
View File

@ -1,6 +1,6 @@
mbed TLS ChangeLog (Sorted per branch, date) mbed TLS ChangeLog (Sorted per branch, date)
= mbed TLS x.x.x branch released xxxx-xx-xx = mbed TLS 2.28.0 branch released 2021-12-17
API changes API changes
* Some fields of mbedtls_ssl_session and mbedtls_ssl_config are in a * Some fields of mbedtls_ssl_session and mbedtls_ssl_config are in a
@ -46,6 +46,11 @@ Security
from the output buffer. This fixes a potential policy bypass or decryption from the output buffer. This fixes a potential policy bypass or decryption
oracle vulnerability if the output buffer is in memory that is shared with oracle vulnerability if the output buffer is in memory that is shared with
an untrusted application. an untrusted application.
* Fix a double-free that happened after mbedtls_ssl_set_session() or
mbedtls_ssl_get_session() failed with MBEDTLS_ERR_SSL_ALLOC_FAILED
(out of memory). After that, calling mbedtls_ssl_session_free()
and mbedtls_ssl_free() would cause an internal session buffer to
be free()'d twice.
Bugfix Bugfix
* Stop using reserved identifiers as local variables. Fixes #4630. * Stop using reserved identifiers as local variables. Fixes #4630.
@ -86,8 +91,8 @@ Bugfix
these two. these two.
* Fix issue in Makefile on Linux with SHARED=1, that caused shared libraries * Fix issue in Makefile on Linux with SHARED=1, that caused shared libraries
not to list other shared libraries they need. not to list other shared libraries they need.
* Fix a bug in mbedtls_gcm_starts() when bits of iv are longer than 2^32. * Fix a bug in mbedtls_gcm_starts() when the bit length of the iv
* Fix #4884. exceeds 2^32. Fixes #4884.
* Fix an uninitialized variable warning in test_suite_ssl.function with GCC * Fix an uninitialized variable warning in test_suite_ssl.function with GCC
version 11. version 11.
* Fix the build when no SHA2 module is included. Fixes #4930. * Fix the build when no SHA2 module is included. Fixes #4930.
@ -96,11 +101,6 @@ Bugfix
pkcs12 functions when the password is empty. Fix the documentation to pkcs12 functions when the password is empty. Fix the documentation to
better describe the inputs to these functions and their possible values. better describe the inputs to these functions and their possible values.
Fixes #5136. Fixes #5136.
* Fix a double-free that happened after mbedtls_ssl_set_session() or
mbedtls_ssl_get_session() failed with MBEDTLS_ERR_SSL_ALLOC_FAILED
(out of memory). After that, calling mbedtls_ssl_session_free()
and mbedtls_ssl_free() would cause an internal session buffer to
be free()'d twice.
* The key usage flags PSA_KEY_USAGE_SIGN_MESSAGE now allows the MAC * The key usage flags PSA_KEY_USAGE_SIGN_MESSAGE now allows the MAC
operations psa_mac_compute() and psa_mac_sign_setup(). operations psa_mac_compute() and psa_mac_sign_setup().
* The key usage flags PSA_KEY_USAGE_VERIFY_MESSAGE now allows the MAC * The key usage flags PSA_KEY_USAGE_VERIFY_MESSAGE now allows the MAC