diff --git a/baselibs.conf b/baselibs.conf index a891abe..bbe6294 100644 --- a/baselibs.conf +++ b/baselibs.conf @@ -1,3 +1,3 @@ libmbedtls13 libmbedx509-1 -libmbedcrypto5 +libmbedcrypto6 diff --git a/mbedtls.changes b/mbedtls.changes index 9fca37d..b4ca75c 100644 --- a/mbedtls.changes +++ b/mbedtls.changes 
@@ -1,3 +1,46 @@ +------------------------------------------------------------------- +Tue Dec 22 10:11:45 UTC 2020 - Dirk Müller + +- update to 2.25.0: + * This release of Mbed TLS provides bug fixes, minor enhancements and new + features. This release includes fixes for security issues. + * see https://github.com/ARMmbed/mbedtls/releases/tag/v2.25.0 + + * The functions mbedtls_cipher_auth_encrypt() and + mbedtls_cipher_auth_decrypt() would write past the minimum documented size + of the output buffer when used with NIST_KW. As a result, code using those + functions as documented with NIST_KW could have a buffer overwrite of up to + 15 bytes, with consequences ranging up to arbitrary code execution + depending on the location of the output buffer. + + * Limit the size of calculations performed by mbedtls_mpi_exp_mod to + MBEDTLS_MPI_MAX_SIZE to prevent a potential denial of service when generating + Diffie-Hellman key pairs. Credit to OSS-Fuzz. + + * A failure of the random generator was ignored in mbedtls_mpi_fill_random(), + which is how most uses of randomization in asymmetric cryptography (including + key generation, intermediate value randomization and blinding) are implemented. + This could cause failures or the silent use of non-random values. A random + generator can fail if it needs reseeding and cannot not obtain entropy, or due + to an internal failure (which, for Mbed TLS's own CTR_DRBG or HMAC_DRBG, can + only happen due to a misconfiguration). + + * Fix a compliance issue whereby we were not checking the tag on the algorithm + parameters (only the size) when comparing the signature in the description part + of the cert to the real signature. This meant that a NULL algorithm parameters + entry would look identical to an array of REAL (size zero) to the library and + thus the certificate would be considered valid. 
However, if the parameters do + not match in any way then the certificate should be considered invalid, and + indeed OpenSSL marks these certs as invalid when mbedtls did not. Many thanks + to guidovranken who found this issue via differential fuzzing and reported it + in #3629. + + * Zeroising of local buffers and variables which are used for calculations in + mbedtls_pkcs5_pbkdf2_hmac(), mbedtls_internal_sha*_process(), + mbedtls_internal_md*_process() and mbedtls_internal_ripemd160_process() + functions to erase sensitive data from memory. Reported by Johan Malmgren and + Johan Uppman Bruce from Sectra. + ------------------------------------------------------------------- Wed Sep 9 11:24:12 UTC 2020 - Dirk Mueller diff --git a/mbedtls.spec b/mbedtls.spec index 7c0fd37..5a97022 100644 --- a/mbedtls.spec +++ b/mbedtls.spec @@ -17,10 +17,10 @@ %define lib_tls libmbedtls13 -%define lib_crypto libmbedcrypto5 +%define lib_crypto libmbedcrypto6 %define lib_x509 libmbedx509-1 Name: mbedtls -Version: 2.24.0 +Version: 2.25.0 Release: 0 Summary: Libraries for crypto and SSL/TLS protocols License: Apache-2.0 diff --git a/v2.24.0.tar.gz b/v2.24.0.tar.gz deleted file mode 100644 index 4b550eb..0000000 --- a/v2.24.0.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:d436ae4892bd80329ca18a3960052fbb42d3f1f46c7519711d6763621ca6cfa0 -size 3911881 diff --git a/v2.25.0.tar.gz b/v2.25.0.tar.gz new file mode 100644 index 0000000..e54056b --- /dev/null +++ b/v2.25.0.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:f838f670f51070bc6b4ebf0c084affd9574652ded435b064969f36ce4e8b586d +size 3994316
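Review bot: In the baselibs.conf hunk, the rename from libmbedcrypto5 to libmbedcrypto6 is a soname bump of the crypto library, yet the new mbedtls.changes entry does not mention it. Add a line to the 2.25.0 entry stating that the libmbedcrypto soname changed from 5 to 6, so that maintainers of dependent packages can see from the changelog that a rebuild is needed.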
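Review bot: In the mbedtls.changes hunk, the 2.25.0 entry describes several security fixes (the NIST_KW buffer overwrite of up to 15 bytes, the ignored RNG failure in mbedtls_mpi_fill_random(), the certificate algorithm-parameter tag check) without any CVE or bug tracker reference. If identifiers have been assigned for these, list them next to the matching bullet so the update can be tracked and matched by security tooling. Two smaller points in the same entry: "cannot not obtain entropy" has a doubled negation that should read "cannot obtain entropy", and "#3629" should be marked as an upstream issue number, since a bare "#3629" in a package changelog reads as a local tracker reference.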
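Review bot: In the mbedtls.spec hunk, only lib_crypto is bumped (libmbedcrypto5 to libmbedcrypto6) while lib_tls and lib_x509 stay at libmbedtls13 and libmbedx509-1. Please confirm against the SONAMEs of the libraries actually built from 2.25.0 that the other two are unchanged, since a stale %define here produces a package name that no longer matches the shared object it ships. The same value is also hard-coded in baselibs.conf, so the two files have to be kept in step by hand on every bump.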
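Review bot: In the v2.25.0.tar.gz hunk, the git-lfs pointer's sha256 oid (f838f670...8b586d, size 3994316) is the only integrity record for the new source archive visible in this change, and nothing here shows it was compared with the upstream release. Before accepting, download the v2.25.0 archive from the release page referenced in the changelog, compute its SHA-256 independently, and check that both the digest and the size match the pointer.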