pool/mbedtls
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
c72ede0254
mbedtls/baselibs.conf

4 lines
42 B
Plaintext
Raw Normal View History

Accepting request 827276 from home:dirkmueller:branches:security:tls - update to 2.23.0: a lot of changes see https://github.com/ARMmbed/mbedtls/releases/tag/v2.23.0 * Fix a side channel vulnerability in modular exponentiation that could reveal an RSA private key used in a secure enclave. Noticed by Sangho Lee, Ming-Wei Shih, Prasun Gera, Taesoo Kim and Hyesoon Kim (Georgia Institute of Technology); and Marcus Peinado (Microsoft Research). Reported by Raoul Strackx (Fortanix) in #3394. * Fix side channel in mbedtls_ecp_check_pub_priv() and mbedtls_pk_parse_key() / mbedtls_pk_parse_keyfile() (when loading a private key that didn't include the uncompressed public key), as well as mbedtls_ecp_mul() / mbedtls_ecp_mul_restartable() when called with a NULL f_rng argument. An attacker with access to precise enough timing and memory access information (typically an untrusted operating system attacking a secure enclave) could fully recover the ECC private key. Found and reported by Alejandro Cabrera Aldaya and Billy Brumley. * Fix issue in Lucky 13 counter-measure that could make it ineffective when hardware accelerators were used (using one of the MBEDTLS_SHAxxx_ALT macros). This would cause the original Lucky 13 attack to be possible in those configurations, allowing an active network attacker to recover plaintext after repeated timing measurements under some conditions. Reported and fix suggested by Luc Perneel in #3246. OBS-URL: https://build.opensuse.org/request/show/827276 OBS-URL: https://build.opensuse.org/package/show/security:tls/mbedtls?expand=0&rev=15
2020-08-17 12:36:14 +02:00
libmbedtls13
libmbedx509-1
Accepting request 858114 from home:dirkmueller:branches:security:tls - update to 2.25.0: * This release of Mbed TLS provides bug fixes, minor enhancements and new features. This release includes fixes for security issues. * see https://github.com/ARMmbed/mbedtls/releases/tag/v2.25.0 * The functions mbedtls_cipher_auth_encrypt() and mbedtls_cipher_auth_decrypt() would write past the minimum documented size of the output buffer when used with NIST_KW. As a result, code using those functions as documented with NIST_KW could have a buffer overwrite of up to 15 bytes, with consequences ranging up to arbitrary code execution depending on the location of the output buffer. * Limit the size of calculations performed by mbedtls_mpi_exp_mod to MBEDTLS_MPI_MAX_SIZE to prevent a potential denial of service when generating Diffie-Hellman key pairs. Credit to OSS-Fuzz. * A failure of the random generator was ignored in mbedtls_mpi_fill_random(), which is how most uses of randomization in asymmetric cryptography (including key generation, intermediate value randomization and blinding) are implemented. This could cause failures or the silent use of non-random values. A random generator can fail if it needs reseeding and cannot not obtain entropy, or due to an internal failure (which, for Mbed TLS's own CTR_DRBG or HMAC_DRBG, can only happen due to a misconfiguration). * Fix a compliance issue whereby we were not checking the tag on the algorithm parameters (only the size) when comparing the signature in the description part of the cert to the real signature. This meant that a NULL algorithm parameters entry would look identical to an array of REAL (size zero) to the library and thus the certificate would be considered valid. However, if the parameters do not match in any way then the certificate should be considered invalid, and indeed OpenSSL marks these certs as invalid when mbedtls did not. Many thanks to guidovranken who found this issue via differential fuzzing and reported it OBS-URL: https://build.opensuse.org/request/show/858114 OBS-URL: https://build.opensuse.org/package/show/security:tls/mbedtls?expand=0&rev=22
2020-12-22 11:24:25 +01:00
libmbedcrypto6
Reference in New Issue Copy Permalink