aboutsummaryrefslogtreecommitdiffstats
path: root/scripts
diff options
context:
space:
mode:
authorHauke Mehrtens <hauke@hauke-m.de>2022-01-29 11:56:27 +0100
committerHauke Mehrtens <hauke@hauke-m.de>2022-02-13 18:27:18 +0100
commit1691c1168d15752eaeb9ab2dda15553754df95be (patch)
tree1a6c56074e9e0d9ec77e9868e43bf4a174c3c46f /scripts
parent419b9f4c45141ec37d9c0936ca19380e77a79a3f (diff)
downloadupstream-1691c1168d15752eaeb9ab2dda15553754df95be.tar.gz
upstream-1691c1168d15752eaeb9ab2dda15553754df95be.tar.bz2
upstream-1691c1168d15752eaeb9ab2dda15553754df95be.zip
mbedtls: Update to version 2.16.12
This fixes the following security problems: * Zeroize several intermediate variables used to calculate the expected value when verifying a MAC or AEAD tag. This hardens the library in case the value leaks through a memory disclosure vulnerability. For example, a memory disclosure vulnerability could have allowed a man-in-the-middle to inject fake ciphertext into a DTLS connection. * Fix a double-free that happened after mbedtls_ssl_set_session() or mbedtls_ssl_get_session() failed with MBEDTLS_ERR_SSL_ALLOC_FAILED (out of memory). After that, calling mbedtls_ssl_session_free() and mbedtls_ssl_free() would cause an internal session buffer to be free()'d twice. CVE-2021-44732 The sizes of the ipk changed on MIPS 24Kc like this: 182454 libmbedtls12_2.16.11-2_mips_24kc.ipk 182742 libmbedtls12_2.16.12-1_mips_24kc.ipk Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> (cherry picked from commit 57f38e2c827e3be71d8b1709073e366afe011985)
Diffstat (limited to 'scripts')
0 files changed, 0 insertions, 0 deletions
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-20 18:00:57 +0000