mbedTLS v1.1.7 Release Notes
Release Date: 2013-06-19 // almost 11 years ago-
๐ Changes
- HAVEGE random generator disabled by default
๐ Bugfix
- x509parse_crt() now better handles PEM error situations
- ssl_parse_certificate() now calls x509parse_crt_der() directly instead of the x509parse_crt() wrapper that can also parse PEM certificates
- Fixed values for 2-key Triple DES in cipher layer
- ssl_write_certificate_request() can handle empty ca_chain
๐ Security
- A possible DoS during the SSL Handshake, due to faulty parsing of PEM-encoded certificates has been fixed (found by Jack Lloyd)