home-assistant
/
buildroot
mirror of https://github.com/home-assistant/buildroot.git
0
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
buildroot/package/mbedtls
History
Fabrice Fontaine 738d05904c package/mbedtls: security bump to version 2.28.2 
Fix the following security issues:
- Fix potential heap buffer overread and overwrite in DTLS if
  MBEDTLS_SSL_DTLS_CONNECTION_ID is enabled and
  MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX.
- An adversary with access to precise enough information about memory
  accesses (typically, an untrusted operating system attacking a secure
  enclave) could recover an RSA private key after observing the victim
  performing a single private-key operation if the window size used for
  the exponentiation was 3 or smaller.

Drop patch (already in version:
9d9d45c6b2)

https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.2

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit c2baa583c3)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 		2022-12-21 18:59:29 +01:00
..
Config.in
mbedtls.hash package/mbedtls: security bump to version 2.28.2 2022-12-21 18:59:29 +01:00
mbedtls.mk package/mbedtls: security bump to version 2.28.2 2022-12-21 18:59:29 +01:00