ChangeLog - OpenGrok cross reference for /optee_os/lib/libmbedtls/mbedtls/ChangeLog

175    * Support re-assembly of fragmented handshake messages in TLS (both
320    * Fix issue of redefinition warning messages for _GNU_SOURCE in
330    * Fix psa_cipher_decrypt() with CCM* rejecting messages less than 3 bytes
658      the attacker to send a large number of messages for decryption. For
1244      1024 messages. As such, it is not intended for use in TLS, but instead
1576      potentially leading to corrupted alert messages being sent in case
2217      the affected side to wrongly reject valid messages. Fixes #4118.
2871      SSLv2 ClientHello messages.
3501    * Zeroize memory used for buffering or reassembling handshake messages
3563    * Add support for fragmentation of outgoing DTLS handshake messages. This
3572    * Add support for buffering out-of-order handshake messages in DTLS.
3616    * Add support for buffering of out-of-order handshake messages.
3626      partially recover the plaintext of messages under some conditions by
3628      this recovery by sending many messages in the same connection. With TLS
3640      plaintext of messages under some conditions by using a cache attack
3650      to partially recover the plaintext of messages under some conditions (see
3695    * Fix decryption for zero length messages (which contain all padding) when a
3710      zero-length messages when using TLS 1.2. Contributed by Espressif Systems.
3840      returned when unexpected messages were being discarded, ignoring that
3841      further messages could potentially already be pending to be processed
4127    * Fix handling of handshake messages in mbedtls_ssl_read() in case
4327      suppressing the CA list in Certificate Request messages. The default
4351    * Add checks to prevent signature forgeries for very large messages while
4362      CertificateVerify messages, to prevent SLOTH attacks against TLS 1.2.
4743    * Prepend a "thread identifier" to debug messages (issue pointed out by
5058    * Added new error codes and debug messages about selection of
5150      It was possible to crash the server (and client) using crafted messages
5219    * debug_set_threshold() added to ignore messages over threshold level
5279    * The length of various ClientKeyExchange messages was not properly checked.
5639      It was possible to crash the server (and client) using crafted messages
5787    * Debug messages about padding errors during SSL message decryption are
5789    * Sending of security-relevant alert messages that do not break
5938    * Debug messages about padding errors during SSL message decryption are
5988    * Fixed potential memory corruption on miscrafted client messages (found by