Skip to content

Commit

Permalink
Merge pull request Mbed-TLS#3014 from mpg/fix-attribution-ecdsa-inc
Browse files Browse the repository at this point in the history 
[2.16] Fix contributor names in ChangeLog
  • Loading branch information
@yanesca
yanesca authored Jan 29, 2020
2 parents 7550e85 + 58c2779 commit 1f10f2e
Showing 1 changed file with 1 addition and 3 deletions.
4 changes: 1 addition & 3 deletions ChangeLog
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,15 +6,13 @@ Bugfix
* Allow loading symlinked certificates. Fixes #3005. Reported and fixed
by Jonathan Bennett <JBennett@incomsystems.biz> via #3008.

= mbed TLS 2.16.5 branch released xxxx-xx-xx

Security
* Fix potential memory overread when performing an ECDSA signature
operation. The overread only happens with cryptographically low
probability (of the order of 2^-n where n is the bitsize of the curve)
unless the RNG is broken, and could result in information disclosure or
denial of service (application crash or extra resource consumption).
Reported by Peter and Auke (found using static analysis).
Found by Auke Zeilstra and Peter Schwabe, using static analysis.

= mbed TLS 2.16.4 branch released 2020-01-15

Expand Down

0 comments on commit 1f10f2e

Please sign in to comment.