mirror of
https://github.com/openwrt/openwrt.git
synced 2024-12-29 18:19:02 +00:00
af3c9b74e1
Changelog: https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.2 This release of Mbed TLS provides bug fixes and minor enhancements. This release includes fixes for security issues. Fixes the following CVEs: * CVE-2022-46393: Fix potential heap buffer overread and overwrite in DTLS if MBEDTLS_SSL_DTLS_CONNECTION_ID is enabled and MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX. * CVE-2022-46392: An adversary with access to precise enough information about memory accesses (typically, an untrusted operating system attacking a secure enclave) could recover an RSA private key after observing the victim performing a single private-key operation if the window size used for the exponentiation was 3 or smaller. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
23 lines
723 B
Diff
23 lines
723 B
Diff
Fix a compile problem introduced in commit 331c3421d1f0 ("Address review comments")
|
|
|
|
Bug report: https://github.com/Mbed-TLS/mbedtls/issues/6243
|
|
|
|
--- a/programs/ssl/ssl_server2.c
|
|
+++ b/programs/ssl/ssl_server2.c
|
|
@@ -2529,7 +2529,6 @@ int main( int argc, char *argv[] )
|
|
}
|
|
key_cert_init2 = 2;
|
|
#endif /* MBEDTLS_ECDSA_C */
|
|
- }
|
|
|
|
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
|
if( opt.key_opaque != 0 )
|
|
@@ -2558,6 +2557,7 @@ int main( int argc, char *argv[] )
|
|
}
|
|
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
|
#endif /* MBEDTLS_CERTS_C */
|
|
+ }
|
|
|
|
mbedtls_printf( " ok (key types: %s - %s)\n", mbedtls_pk_get_name( &pkey ), mbedtls_pk_get_name( &pkey2 ) );
|
|
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
|