694c7d3ece
- Fix a buffer overflow in mbedtls_mpi_sub_abs() when calculating |A| - |B| where |B| is larger than |A| and has more limbs (so the function should return MBEDTLS_ERR_MPI_NEGATIVE_VALUE). Only applications calling mbedtls_mpi_sub_abs() directly are affected: all calls inside the library were safe since this function is only called with |A| >= |B|. - Fix an errorneous estimation for an internal buffer in mbedtls_pk_write_key_pem(). If MBEDTLS_MPI_MAX_SIZE is set to an odd value the function might fail to write a private RSA keys of the largest supported size. - Fix a stack buffer overflow with mbedtls_net_poll() and mbedtls_net_recv_timeout() when given a file descriptor that is beyond FD_SETSIZE. - Guard against strong local side channel attack against base64 tables by making access aceess to them use constant flow code. https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.10 Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> [yann.morin.1998@free.fr: fix the hash after upstream mess-up] Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr> |
||
|---|---|---|
| .. | ||
| 0001-bn_mul.h-fix-x86-PIC-inline-ASM-compilation-with-GCC.patch | ||
| Config.in | ||
| mbedtls.hash | ||
| mbedtls.mk | ||