[Buildroot] [PATCH] mbedtls: security bump to version 2.7.2
peter at korsgaard.com
Tue May 1 06:55:59 UTC 2018
>>>>> "Baruch" == Baruch Siach <baruch at tkos.co.il> writes:
> The release announcement mentions these security fixes:
> Defend against Bellcore glitch attacks by verifying the results of RSA
> private key operations.
> Fix implementation of the truncated HMAC extension. The previous
> implementation allowed an offline 2^80 brute force attack on the HMAC
> key of a single, uninterrupted connection (with no resumption of the
> Reject CRLs containing unsupported critical extensions.
> Fix a buffer overread in ssl_parse_server_key_exchange() that could
> cause a crash on invalid input. (CVE-2018-9988)
> Fix a buffer overread in ssl_parse_server_psk_hint() that could cause
> a crash on invalid input. (CVE-2018-9989)
> Drop upstream patch.
> Signed-off-by: Baruch Siach <baruch at tkos.co.il>
Committed to 2018.02.x, thanks.
Bye, Peter Korsgaard
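
The first fix in the quoted announcement (verifying the results of RSA private key operations) is illustrated below in Python. This is an added example, not code from Mbed TLS or from this thread. The textbook primes, the function names and the simulated single-bit fault are all constructed assumptions.

```python
# Added illustration: check an RSA-CRT result with the public exponent
# before releasing it. Parameters are constructed toy values (textbook
# primes), far too small for real use. Requires Python 3.8+.
P, Q, E = 61, 53, 17
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent
DP, DQ = D % (P - 1), D % (Q - 1)      # CRT exponents
QINV = pow(Q, -1, P)                   # q^-1 mod p


def crt_private_op(m, fault=False):
    """RSA private operation via CRT (hypothetical helper).

    fault=True simulates a glitch corrupting the mod-p half, the
    situation the Bellcore countermeasure is meant to catch.
    """
    sp = pow(m, DP, P)
    sq = pow(m, DQ, Q)
    if fault:
        sp ^= 1                        # constructed single-bit error
    h = (QINV * (sp - sq)) % P         # Garner recombination
    return sq + h * Q


def checked_private_op(m, fault=False):
    """Return the result only if it verifies under the public key."""
    s = crt_private_op(m, fault)
    # A result that is correct modulo only one prime must never leave
    # the device: it can expose a factor of N. Recompute s^E mod N and
    # compare against the input before returning anything.
    if pow(s, E, N) != m % N:
        raise ValueError("RSA private operation failed verification")
    return s


if __name__ == "__main__":
    print("good result:", checked_private_op(65))
    try:
        checked_private_op(65, fault=True)
    except ValueError as exc:
        print("faulty result withheld:", exc)
```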