CVSROOT: /cvs
Module name: ports
Changes by: [email protected] 2026/04/01 13:07:37
Modified files:
security/mbedtls: Makefile distinfo
security/mbedtls/patches: patch-include_mbedtls_mbedtls_config_h
Log message:
Security update to mbedtls-3.6.6
Fixes for:
Client impersonation while resuming a TLS 1.3 session (CVE-2026-34873)
Entropy on Linux can fall back to /dev/urandom (CVE-2026-34871)
PSA random generator cloning (CVE-2026-25835)
Compiler-induced constant-time violations (CVE-2025-66442)
Null pointer dereference when setting a distinguished name (CVE-2026-34874)
Buffer overflow in FFDH public key export (CVE-2026-34875)
FFDH: lack of contributory behaviour due to improper input validation
(CVE-2026-34872)
Signature Algorithm Injection (CVE-2026-25834)
CCM multipart finish tag-length validation bypass (CVE-2026-34876)
Risk of insufficient protection of serialized session or context data
leading to potential memory safety issues (CVE-2026-34877)
Buffer underflow in x509_inet_pton_ipv6() (CVE-2026-25833)