[Buildroot] [PATCH] mbedtls: security bump to version 2.7.2

Peter Korsgaard peter at korsgaard.com
Tue May 1 06:55:59 UTC 2018


>>>>> "Baruch" == Baruch Siach <baruch at tkos.co.il> writes:

 > The release announcement mentions these security fixes:
 >   Defend against Bellcore glitch attacks by verifying the results of RSA
 >   private key operations.

 >   Fix implementation of the truncated HMAC extension. The previous
 >   implementation allowed an offline 2^80 brute force attack on the HMAC
 >   key of a single, uninterrupted connection (with no resumption of the
 >   session).

 >   Reject CRLs containing unsupported critical extensions.

 >   Fix a buffer overread in ssl_parse_server_key_exchange() that could
 >   cause a crash on invalid input. (CVE-2018-9988)

 >   Fix a buffer overread in ssl_parse_server_psk_hint() that could cause
 >   a crash on invalid input. (CVE-2018-9989)

 > Drop upstream patch.

 > Signed-off-by: Baruch Siach <baruch at tkos.co.il>

Committed to 2018.02.x, thanks.

-- 
Bye, Peter Korsgaard

