NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
d68b617993
kumquat-buildroot/package/mbedtls/mbedtls.hash
Fabrice Fontaine c2baa583c3 package/mbedtls: security bump to version 2.28.2 
Fix the following security issues:
- Fix potential heap buffer overread and overwrite in DTLS if
  MBEDTLS_SSL_DTLS_CONNECTION_ID is enabled and
  MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX.
- An adversary with access to precise enough information about memory
  accesses (typically, an untrusted operating system attacking a secure
  enclave) could recover an RSA private key after observing the victim
  performing a single private-key operation if the window size used for
  the exponentiation was 3 or smaller.

Drop patch (already in version:
9d9d45c6b2)

https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.2

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-12-18 11:31:23 +01:00

5 lines
263 B
Plaintext
Raw Blame History

# From https://github.com/ARMmbed/mbedtls/releases/tag/v2.28.2:
sha256 bc55232bf71fd66045122ba9050a29ea7cb2e8f99b064a9e6334a82f715881a0 mbedtls-2.28.2.tar.gz
# Locally calculated
sha256 cfc7749b96f63bd31c3c42b5c471bf756814053e847c10f3eb003417bc523d30 LICENSE
Reference in New Issue View Git Blame Copy Permalink