ChangeLog - OpenGrok cross reference for /optee_os/lib/libmbedtls/mbedtls/ChangeLog

17      get an invalid signature accepted if they could cause a hash accelerator
48      inconsistent state of the output could then cause a NULL dereference either
57      PEM keys to a user. This could cause a crash or information disclosure.
284      not cause the PSA subsystem to use HMAC_DRBG: it uses HMAC_DRBG only when
533      malicious client could cause information disclosure or a denial of service.
544      Note that setting this option will cause input-output buffer overlap to
1082      could cause a crash in programs/test/benchmark.
1527      or a man-in-the-middle could cause a DTLS server to read up to 255 bytes
1534       client or server could cause an MbedTLS server or client to overread up
1542      checked properly when validating the certificate. This could cause a
1739      and mbedtls_ssl_free() would cause an internal session buffer to
1751      These header files cause compilation errors in musl.
2178    * Fix a bug in ECDSA that would cause it to fail when the hash is all-bits
2488      are implemented. This could cause failures or the silent use of non-random
2744      macros). This would cause the original Lucky 13 attack to be possible in
2833      the server could cause it to drop established associations with
2911    * Fix a bug in mbedtls_pk_parse_key() that would cause it to accept some
2914    * Fix a bug in mbedtls_pk_parse_key() that would cause it to
2996      cause functions to return this error code rather than a success. There are
3032      about 1 bit of information on average and could cause the value to be
3919    * Fix a buffer overread in ssl_parse_server_key_exchange() that could cause
3921    * Fix a buffer overread in ssl_parse_server_psk_hint() that could cause a
3962      that could cause a key exchange to fail on valid data.
3964      could cause a key exchange to fail on valid data.
4282    * Fix behaviour that hid the original cause of fatal alerts in some cases
4373      traversing a chain of trusted CA. The issue would cause both flags,
4375      set when the verification conditions are not met regardless of the cause.
4385      in RFC 6347 Section 4.3.1. This could cause the execution of the
4392      cause buffer bound checks to be bypassed. Found by Eyal Itkin.
4394      cause buffer bound checks to be bypassed. Found by Eyal Itkin.
4396      cause buffer bound checks to be bypassed. Found by Eyal Itkin.
4398      cause buffer bound checks to be bypassed. Found by Eyal Itkin.
4465    * Fix conditional statement that would cause a 1 byte overread in
5195    * Very large records using less padding could cause a buffer overread of up
6338    * Fixed dangerous bug that can cause a heap overflow in
6377       peer may cause xyssl to loop indefinitely by sending a certificate
6487     * Fixed a bug in rsa_check_privkey that would wrongly cause