Merge pull request #7232 from tom-cosgrove-arm/update-changelog-230308-2.28

Backport 2.28: Update ChangeLog to make "fix" explicit
Janos Follath 2023-03-09 08:47:37 +00:00 committed by GitHub
commit 803dbdbd22
GPG Key ID: 4AEE18F83AFDEB23


@ -6,11 +6,11 @@ Security
* Fix potential heap buffer overread and overwrite in DTLS if * Fix potential heap buffer overread and overwrite in DTLS if
MBEDTLS_SSL_DTLS_CONNECTION_ID is enabled and MBEDTLS_SSL_DTLS_CONNECTION_ID is enabled and
MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX. MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX.
* An adversary with access to precise enough information about memory * Fix an issue where an adversary with access to precise enough information
accesses (typically, an untrusted operating system attacking a secure about memory accesses (typically, an untrusted operating system attacking
enclave) could recover an RSA private key after observing the victim a secure enclave) could recover an RSA private key after observing the
performing a single private-key operation if the window size used for the victim performing a single private-key operation if the window size used
exponentiation was 3 or smaller. Found and reported by Zili KOU, for the exponentiation was 3 or smaller. Found and reported by Zili KOU,
Wenjian HE, Sharad Sinha, and Wei ZHANG. See "Cache Side-channel Attacks Wenjian HE, Sharad Sinha, and Wei ZHANG. See "Cache Side-channel Attacks
and Defenses of the Sliding Window Algorithm in TEEs" - Design, Automation and Defenses of the Sliding Window Algorithm in TEEs" - Design, Automation
and Test in Europe 2023. and Test in Europe 2023.
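Review bot: The rewrapped first line of the RSA entry ("* Fix an issue where an adversary with access to precise enough information") is right at the wrap width once the list indent is counted; please confirm it does not exceed the column limit used elsewhere in ChangeLog, since the next hunk's entries were rewrapped to the same width. The wording itself is consistent with the "Fix potential heap buffer overread ..." entry above it, so the "Fix an issue where ..." form is the right choice here; just note that this entry is the only one of the two RSA entries in the file that carries the "window size ... 3 or smaller" qualifier, so if that is what distinguishes this fix from the earlier one, it should stay.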
@ -337,16 +337,17 @@ Security
* It was possible to configure MBEDTLS_ECP_MAX_BITS to a value that is * It was possible to configure MBEDTLS_ECP_MAX_BITS to a value that is
too small, leading to buffer overflows in ECC operations. Fail the build too small, leading to buffer overflows in ECC operations. Fail the build
in such a case. in such a case.
* An adversary with access to precise enough information about memory * Fix an issue where an adversary with access to precise enough information
accesses (typically, an untrusted operating system attacking a secure about memory accesses (typically, an untrusted operating system attacking
enclave) could recover an RSA private key after observing the victim a secure enclave) could recover an RSA private key after observing the
performing a single private-key operation. Found and reported by victim performing a single private-key operation. Found and reported by
Zili KOU, Wenjian HE, Sharad Sinha, and Wei ZHANG. Zili KOU, Wenjian HE, Sharad Sinha, and Wei ZHANG.
* An adversary with access to precise enough timing information (typically, a * Fix an issue where an adversary with access to precise enough timing
co-located process) could recover a Curve25519 or Curve448 static ECDH key information (typically, a co-located process) could recover a Curve25519
after inputting a chosen public key and observing the victim performing the or Curve448 static ECDH key after inputting a chosen public key and
corresponding private-key operation. Found and reported by Leila Batina, observing the victim performing the corresponding private-key operation.
Lukas Chmielewski, Björn Haase, Niels Samwel and Peter Schwabe. Found and reported by Leila Batina, Lukas Chmielewski, Björn Haase, Niels
Samwel and Peter Schwabe.
Bugfix Bugfix
* Add printf function attributes to mbedtls_debug_print_msg to ensure we * Add printf function attributes to mbedtls_debug_print_msg to ensure we
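Review bot: The MBEDTLS_ECP_MAX_BITS entry left as unchanged context at the top of this hunk ("It was possible to configure MBEDTLS_ECP_MAX_BITS to a value that is too small ... Fail the build in such a case.") still states the problem first and the remedy last, which is the pattern this PR is removing from the two entries below it; for consistency consider leading it with the fix as well, e.g. "Fail the build if MBEDTLS_ECP_MAX_BITS is configured to a value that is too small, which previously led to buffer overflows in ECC operations." Separately, this hunk edits entries at line 337, which sits well below the current release section touched by the first hunk, so these are notes for an already-released version; fine if the project's practice is to keep old entries in sync with the new wording, but worth confirming, since reworded release notes can confuse anyone diffing the ChangeLog against the published release. The RSA entry here intentionally lacks the window-size qualifier that the newer entry has, and the Curve25519/Curve448 entry now spills one extra line ("Samwel and Peter Schwabe."), both of which look correct.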