ChangeLog - OpenGrok cross reference for /optee_os/lib/libmbedtls/mbedtls/ChangeLog

218    * Support re-assembly of fragmented handshake messages in TLS (both
363    * Fix issue of redefinition warning messages for _GNU_SOURCE in
373    * Fix psa_cipher_decrypt() with CCM* rejecting messages less than 3 bytes
701      the attacker to send a large number of messages for decryption. For
1287      1024 messages. As such, it is not intended for use in TLS, but instead
1619      potentially leading to corrupted alert messages being sent in case
2260      the affected side to wrongly reject valid messages. Fixes #4118.
2914      SSLv2 ClientHello messages.
3544    * Zeroize memory used for buffering or reassembling handshake messages
3606    * Add support for fragmentation of outgoing DTLS handshake messages. This
3615    * Add support for buffering out-of-order handshake messages in DTLS.
3659    * Add support for buffering of out-of-order handshake messages.
3669      partially recover the plaintext of messages under some conditions by
3671      this recovery by sending many messages in the same connection. With TLS
3683      plaintext of messages under some conditions by using a cache attack
3693      to partially recover the plaintext of messages under some conditions (see
3738    * Fix decryption for zero length messages (which contain all padding) when a
3753      zero-length messages when using TLS 1.2. Contributed by Espressif Systems.
3883      returned when unexpected messages were being discarded, ignoring that
3884      further messages could potentially already be pending to be processed
4170    * Fix handling of handshake messages in mbedtls_ssl_read() in case
4370      suppressing the CA list in Certificate Request messages. The default
4394    * Add checks to prevent signature forgeries for very large messages while
4405      CertificateVerify messages, to prevent SLOTH attacks against TLS 1.2.
4786    * Prepend a "thread identifier" to debug messages (issue pointed out by
5101    * Added new error codes and debug messages about selection of
5193      It was possible to crash the server (and client) using crafted messages
5262    * debug_set_threshold() added to ignore messages over threshold level
5322    * The length of various ClientKeyExchange messages was not properly checked.
5682      It was possible to crash the server (and client) using crafted messages
5830    * Debug messages about padding errors during SSL message decryption are
5832    * Sending of security-relevant alert messages that do not break
5981    * Debug messages about padding errors during SSL message decryption are
6031    * Fixed potential memory corruption on miscrafted client messages (found by