aboutsummaryrefslogtreecommitdiff
path: root/configs/warp7_defconfig
diff options
context:
space:
mode:
authorGravatar Baruch Siach <baruch@tkos.co.il>2018-04-24 14:48:22 +0300
committerGravatar Thomas Petazzoni <thomas.petazzoni@bootlin.com>2018-04-25 15:29:57 +0200
commitbabc94e9dd4a1a04c4a0befdb6d32236a30b8ea8 (patch)
treed52495b4c66172b79f6b0b43f4daaf8e309363e7 /configs/warp7_defconfig
parent1667fe58106aa5bdb63e0c8db2e34c605947464a (diff)
downloadbuildroot-babc94e9dd4a1a04c4a0befdb6d32236a30b8ea8.tar.gz
buildroot-babc94e9dd4a1a04c4a0befdb6d32236a30b8ea8.tar.bz2
mbedtls: security bump to version 2.7.2
The release announcement mentions these security fixes: Defend against Bellcore glitch attacks by verifying the results of RSA private key operations. Fix implementation of the truncated HMAC extension. The previous implementation allowed an offline 2^80 brute force attack on the HMAC key of a single, uninterrupted connection (with no resumption of the session). Reject CRLs containing unsupported critical extensions. Fix a buffer overread in ssl_parse_server_key_exchange() that could cause a crash on invalid input. (CVE-2018-9988) Fix a buffer overread in ssl_parse_server_psk_hint() that could cause a crash on invalid input. (CVE-2018-9989) Drop upstream patch. Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Diffstat (limited to 'configs/warp7_defconfig')
0 files changed, 0 insertions, 0 deletions