mbedtls: security bump to version 2.7.0 - buildroot

diff options

author	Baruch Siach <baruch@tkos.co.il>	2018-02-23 06:56:11 +0200
committer	Peter Korsgaard <peter@korsgaard.com>	2018-02-23 09:08:25 +0100
commit	3b7a59304a9c377b9aec1303d85a60d019b4b9b2 (patch)
tree	a84e0293999abe81bc35722b8f152ede99e14c31 /package/patch
parent	3733907f673427205288645a078691f930898333 (diff)
download	buildroot-3b7a59304a9c377b9aec1303d85a60d019b4b9b2.tar.gz buildroot-3b7a59304a9c377b9aec1303d85a60d019b4b9b2.zip

mbedtls: security bump to version 2.7.0

CVE-2018-0487: Remote attackers can execute arbitrary code or cause a denial of service (buffer overflow) via a crafted certificate chain that is mishandled during RSASSA-PSS signature verification within a TLS or DTLS session. CVE-2018-0488: When the truncated HMAC extension and CBC are used, allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption) via a crafted application packet within a TLS or DTLS session. Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

Diffstat (limited to 'package/patch')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: