mbedTLS v3.0.0p1 Release Notes
Release Date: 2019-07-12 // over 5 years ago-
No data yet ๐
You can check the official repo
Previous changes from v2.16.2
-
Description
๐ Mbed TLS 2.16.2 is a maintenance release of the Mbed TLS 2.16 branch, and
๐ provides bug fixes and minor enhancements.๐ Security
- Make
mbedtls_ecdh_get_params
return an error if the second key belongs to a different group from the first. Before, if an application passed keys that belonged to different group, the first key's data was interpreted according to the second group, which could lead to either an error or a meaningless output frommbedtls_ecdh_get_params
. In the latter case, this could expose at most 5 bits of the private key.
๐ Bugfix
- โก๏ธ Server's RSA certificate in
certs.c
was SHA-1 signed. In the default Mbed TLS configuration only SHA-2 signed certificates are accepted. This certificate is used in the demo server programs, which lead the client programs to fail at the peer's certificate verification due to an unacceptable hash signature. The certificate has been updated to one that is SHA-256 signed. Fix contributed by Illya Gerasymchuk. - Fix private key DER output in the
key_app_writer example
. File contents were shifted by one byte, creating an invalid ASN.1 tag. Fixed by Christian Walther in #2239. - ๐ Fix potential memory leak in X.509 self test. Found and fixed by Junhwan Park, #2106.
- โฌ๏ธ Reduce stack usage of HKDF tests. Fixes #2195.
- Fix 1-byte buffer overflow in
mbedtls_mpi_write_string()
when used with negative inputs. Found by Guido Vranken in #2404. Credit to OSS-Fuzz. - ๐ Fix bugs in the AEAD test suite which would be exposed by ciphers which either used both encrypt and decrypt key schedules, or which perform padding. GCM and CCM were not affected. Fixed by Jack Lloyd.
- Fix incorrect default port number in
ssl_mail_client
example's usage. Found and fixed by irwir. #2337 - Add missing parentheses around parameters in the definition of the public macro
MBEDTLS_X509_ID_FLAG
. This could lead to invalid evaluation in case operators binding less strongly than subtraction were used for the parameter. - Add a check for
MBEDTLS_X509_CRL_PARSE_C
inssl_server2
, guarding the crl sni entry parameter. Reported by inestlerode in #560. - ๐ Fix missing bounds checks in X.509 parsing functions that could lead to successful parsing of ill-formed X.509 CRTs. Fixes #2437.
- ๐ Fix multiple X.509 functions previously returning ASN.1 low-level error codes to always wrap these codes into X.509 high level error codes before returning. Fixes #2431.
- Add DER-encoded test CRTs to
library/certs.c
, allowing the example programsssl_server2
andssl_client2
to be run ifMBEDTLS_FS_IO
andMBEDTLS_PEM_PARSE_C
are unset. Fixes #2254.
๐ Changes
- Return from various debugging routines immediately if the provided SSL context is unset.
- โ Remove dead code from
bignum.c
in the default configuration. Found by Coverity, reported and fixed by Peter Kolbus (Garmin). Fixes #2309. - Add test for minimal value of
MBEDTLS_MPI_WINDOW_SIZE
to all.sh. Contributed by Peter Kolbus (Garmin). - Change wording in the
mbedtls_ssl_conf_max_frag_len()
's documentation to improve clarity. Fixes #2258. - โ Replace multiple uses of MD2 by SHA-256 in X.509 test suite. Fixes #821.
โก๏ธ Who should update
โก๏ธ We recommend all affected users should update to take advantage of the bug
๐ fixes contained in this release at an appropriate point in their development
lifecycle. - Make