| field | value | date |
|---|---|---|
| author | Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> | 2016-01-07 13:18:01 +0100 |
| committer | Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> | 2016-01-08 14:46:44 +0100 |
| commit | ddf118961a2214bb21eebb241fdccd4bf186b8e2 (patch) | |
| tree | 6da32c1cb1202f0b2936cb4b02987676c6d53f20 | |
| parent | 543e4366bc102d59623717b9053547d10605e725 (diff) | |
Update reference to attack in ChangeLog
We couldn't do that before the attack was public
-rw-r--r-- | ChangeLog | 5 |
1 files changed, 4 insertions, 1 deletions
@@ -6,7 +6,10 @@ Security * Fix potential double free when mbedtls_asn1_store_named_data() fails to allocate memory. Only used for certificate generation, not triggerable remotely in SSL/TLS. Found by Rafał Przywara. #367 - * Disable MD5 handshake signatures in TLS 1.2 by default + * Disable MD5 handshake signatures in TLS 1.2 by default to prevent the + SLOTH attack on TLS 1.2 server authentication (other attacks from the + SLOTH paper do not apply to any version of mbed TLS or PolarSSL). + https://www.mitls.org/pages/attacks/SLOTH Bugfix * Fix over-restrictive length limit in GCM. Found by Andreas-N. #362 |
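Review bot: the expanded Security entry explains why MD5 handshake signatures are now off by default and links to the SLOTH write-up, but it does not say how a deployment that still has to interoperate with MD5-only peers can opt back in. Consider adding a sentence naming the configuration option that controls this default, so readers of the ChangeLog know the change is reversible and where to look (and, since the entry says the other SLOTH attacks do not apply, a short reason why would help auditors checking the claim).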