Tiny fix in ChangeLog pt 2

Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
Elena Uziunaite 2024-08-22 09:23:48 +01:00
parent e0c6f80403
commit da27eba669


@ -3,7 +3,7 @@ Security
client, if the client-provided certificate does not have appropriate values client, if the client-provided certificate does not have appropriate values
in keyUsage or extKeyUsage extensions, then the return value of in keyUsage or extKeyUsage extensions, then the return value of
mbedtls_ssl_get_verify_result() would incorrectly have the mbedtls_ssl_get_verify_result() would incorrectly have the
MBEDTLS_X509_BADCERT_KEY_USAGE and MBEDTLS_X509_BADCERT_KEY_USAGE bits MBEDTLS_X509_BADCERT_KEY_USAGE and MBEDTLS_X509_BADCERT_EXT_KEY_USAGE bits
clear. As a result, an attacker that had a certificate valid for uses other clear. As a result, an attacker that had a certificate valid for uses other
than TLS client authentication could be able to use it for TLS client than TLS client authentication could be able to use it for TLS client
authentication anyway. Only TLS 1.3 servers were affected, and only with authentication anyway. Only TLS 1.3 servers were affected, and only with
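Review bot: The subject "Tiny fix in ChangeLog pt 2" does not say what was corrected on the changed line, where the second MBEDTLS_X509_BADCERT_KEY_USAGE becomes MBEDTLS_X509_BADCERT_EXT_KEY_USAGE. Naming the flag in the commit message would let anyone reading the history see that the Security entry previously listed the same bit twice and left out the extKeyUsage one, which matters to readers who check mbedtls_ssl_get_verify_result() against the flags this entry names. While the entry is being touched, "could be able to use it" in the unchanged context would read better as "might be able to use it".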