aboutsummaryrefslogtreecommitdiffstats
path: root/package/network/services/openvpn/Makefile
diff options
context:
space:
mode:
authorMagnus Kroken <mkroken@gmail.com>2017-06-21 21:05:09 +0200
committerJo-Philipp Wich <jo@mein.io>2017-06-26 09:57:11 +0200
commit73e81a8318d1038cbcb2ad788bf8d956f338f587 (patch)
tree781748e65a3a60163eef19cbed7b80ab5c5733e7 /package/network/services/openvpn/Makefile
parent5b0b27eb4853c27f2428745535094aef9a8fd234 (diff)
downloadupstream-73e81a8318d1038cbcb2ad788bf8d956f338f587.tar.gz
upstream-73e81a8318d1038cbcb2ad788bf8d956f338f587.tar.bz2
upstream-73e81a8318d1038cbcb2ad788bf8d956f338f587.zip
mbedtls: update to 2.5.1
Fixes some security issues (no remote exploits), and introduces some changes. See release notes for details: https://tls.mbed.org/tech-updates/releases/mbedtls-2.5.1-2.1.8-and-1.3.20-released * Fixes an unlimited overread of heap-based buffers in mbedtls_ssl_read() * Adds exponent blinding to RSA private operations * Wipes stack buffers in RSA private key operations (rsa_rsaes_pkcs1_v15_decrypt(), rsa_rsaes_oaep_decrypt()) * Removes SHA-1 and RIPEMD-160 from the default hash algorithms for certificate verification. * Fixes offset in FALLBACK_SCSV parsing that caused TLS server to fail to detect it sometimes. * Tighten parsing of RSA PKCS#1 v1.5 signatures, to avoid a potential Bleichenbacher/BERserk-style attack. Signed-off-by: Magnus Kroken <mkroken@gmail.com>
Diffstat (limited to 'package/network/services/openvpn/Makefile')
0 files changed, 0 insertions, 0 deletions
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-06 04:36:01 +0000