On Sat 12/03/2022 07:35, Bjorn Ketelaars wrote:
> Support for the 2.16 branch of mbedtls has been dropped, and a new LTS
> branch is provided. Diff below updates our port to the first release of
> this branch.
>
> Shared libraries require a bump (libmbedx509 only received some
> additions).
>
> T
Support for the 2.16 branch of mbedtls has been dropped, and a new LTS
branch is provided. Diff below updates our port to the first release of
this branch.
Shared libraries require a bump (libmbedx509 only received some
additions).
Testing:
- all tests pass on amd64
- build tested several consume
This release of Mbed TLS provides bug fixes and minor enhancements, and
includes a fix for CVE-2021-44732 (double free in
mbedtls_ssl_set_session() in an error case). More info can be found at
https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2021-12.
Overview on chan
mbedtls-2.16.11 has been made available, which provides bug fixes and
minor enhancements. This release includes fixes for security issues:
- Local side channel attack on RSA
- Local side channel attack on static Diffie-Hellman with Montgomery
curves
Release notes can be found at
https://github.c
On Tue, Sep 08, 2020 at 09:35:24PM +0200, Bjorn Ketelaars wrote:
> On Wed 02/09/2020 17:41, Bjorn Ketelaars wrote:
> > Diff below updates mbedtls to 2.16.8, which is a security update and
> > addresses:
> > - Local side channel attack on RSA and static Diffie-Hellman
> > - Local side channel attack
On Wed 02/09/2020 17:41, Bjorn Ketelaars wrote:
> Diff below updates mbedtls to 2.16.8, which is a security update and
> addresses:
> - Local side channel attack on RSA and static Diffie-Hellman
> - Local side channel attack on classical CBC decryption in (D)TLS
>
> Other changes are listed at
> h
Diff below updates mbedtls to 2.16.8, which is a security update and
addresses:
- Local side channel attack on RSA and static Diffie-Hellman
- Local side channel attack on classical CBC decryption in (D)TLS
Other changes are listed at
https://github.com/ARMmbed/mbedtls/blob/mbedtls-2.16.8/ChangeLo
Mbed TLS (security/polarssl) 2.16.7 is a maintenance release of the Mbed
TLS 2.16 branch, and provides bug fixes and minor enhancements. This
release includes a fix for a side-channel attack on ECC key import and
validation. Overview on changes can be found at
https://github.com/ARMmbed/mbedtls/rel
Diff below brings mbedtls (security/polarssl) to 2.16.6, which fixes a
security issue that allowed an adversary with access to precise enough
timing and memory access information (typically an untrusted operating
system attacking a secure enclave) to fully recover an ECDSA private key
(CVE-2020-109
On Thu 17/10/2019 21:44, Stuart Henderson wrote:
> On 2019/10/16 23:38, Björn Ketelaars wrote:
> > On Tue 01/10/2019 06:33, Björn Ketelaars wrote:
> > > On Thu 19/09/2019 20:34, Björn Ketelaars wrote:
> > > > Mbed TLS 2.16.3 is a maintenance release of the Mbed TLS 2.16 branch,
> > > > and provides
On 2019/10/16 23:38, Björn Ketelaars wrote:
> On Tue 01/10/2019 06:33, Björn Ketelaars wrote:
> > On Thu 19/09/2019 20:34, Björn Ketelaars wrote:
> > > Mbed TLS 2.16.3 is a maintenance release of the Mbed TLS 2.16 branch,
> > > and provides bug fixes and minor enhancements. Overview of changes can
On Tue 01/10/2019 06:33, Björn Ketelaars wrote:
> On Thu 19/09/2019 20:34, Björn Ketelaars wrote:
> > Mbed TLS 2.16.3 is a maintenance release of the Mbed TLS 2.16 branch,
> > and provides bug fixes and minor enhancements. Overview of changes can
> > be found at
> > https://github.com/ARMmbed/mbedt
On Thu 19/09/2019 20:34, Björn Ketelaars wrote:
> Mbed TLS 2.16.3 is a maintenance release of the Mbed TLS 2.16 branch,
> and provides bug fixes and minor enhancements. Overview of changes can
> be found at
> https://github.com/ARMmbed/mbedtls/releases/tag/mbedtls-2.16.3.
>
> Major of mbedx509 has
Mbed TLS 2.16.3 is a maintenance release of the Mbed TLS 2.16 branch,
and provides bug fixes and minor enhancements. Overview of changes can
be found at
https://github.com/ARMmbed/mbedtls/releases/tag/mbedtls-2.16.3.
Major of mbedx509 has been bumped as check_sym found changes in data
object sizes
A new version of mbedtls is available, which is the first of the next
long term support branch. This version fixes a couple of bugs, and adds
some new features. Changelog can be found at
https://tls.mbed.org/tech-updates/releases/mbedtls-2.16.0-2.7.9-and-2.1.18-released
'make test' runs successful
On Fri, Dec 07 2018, Björn Ketelaars wrote:
> Diff below brings mbedtls to 2.14.1, which fixes CVE-2018-19608.
> Overview on changes can be found at
> https://tls.mbed.org/tech-updates/releases/mbedtls-2.14.1-2.7.8-and-2.1.17-released
>
> Minor of mbedcrypto has been bumped as symbols have been ad
On Fri, Dec 07, 2018 at 06:34:31AM +0100, Björn Ketelaars wrote:
> Diff below brings mbedtls to 2.14.1, which fixes CVE-2018-19608.
> Overview on changes can be found at
> https://tls.mbed.org/tech-updates/releases/mbedtls-2.14.1-2.7.8-and-2.1.17-released
>
> Minor of mbedcrypto has been bumped as
Diff below brings mbedtls to 2.14.1, which fixes CVE-2018-19608.
Overview on changes can be found at
https://tls.mbed.org/tech-updates/releases/mbedtls-2.14.1-2.7.8-and-2.1.17-released
Minor of mbedcrypto has been bumped as symbols have been added.
make test runs successfully on amd64. Build test
On Mon, Nov 26 2018, Björn Ketelaars wrote:
> Diff below brings mbedtls to 2.14.0, which brings some new features, and
> fixes some security issues and bugs. Details can be found at
> https://tls.mbed.org/tech-updates/releases/mbedtls-2.14.0-2.7.7-and-2.1.16-released
>
> Major number of the three
Diff below brings mbedtls to 2.14.0, which brings some new features, and
fixes some security issues and bugs. Details can be found at
https://tls.mbed.org/tech-updates/releases/mbedtls-2.14.0-2.7.7-and-2.1.16-released
Major number of the three shared libs have been bumped as symbols have
been remo
On Wed 19/09/2018 18:42, Björn Ketelaars wrote:
> Enclosed a diff for bringing mbedtls to 2.13.0. This release fixes an
> issue in the X.509 module which could lead to a buffer overread during
> certificate extensions parsing. Changelog can be found at
> https://tls.mbed.org/tech-updates/releases/m
Enclosed a diff for bringing mbedtls to 2.13.0. This release fixes an
issue in the X.509 module which could lead to a buffer overread during
certificate extensions parsing. Changelog can be found at
https://tls.mbed.org/tech-updates/releases/mbedtls-2.13.0-2.7.6-and-2.1.15-released
libmbedtls requ
On Tue 07/08/2018 12:25, Björn Ketelaars wrote:
> A new version of polarssl is available (2.12.0), which addresses
> 2 vulnerabilities in the TLS ciphersuites (CVE-2018-0497 and
> CVE-2018-0498).
>
> This version also adds several new features as indicated on
> https://tls.mbed.org/tech-updates/re
A new version of polarssl is available (2.12.0), which addresses
2 vulnerabilities in the TLS ciphersuites (CVE-2018-0497 and
CVE-2018-0498).
This version also adds several new features as indicated on
https://tls.mbed.org/tech-updates/releases/mbedtls-2.11.0-2.7.4-and-2.1.13-released
and
https://
On Tue, May 15, 2018 at 04:39:37PM +0200, Björn Ketelaars wrote:
> > Good idea to kill that comment, I'm not sure there's a point in
> > changing the WANTLIB line though...
> >
> > -# libssl/libcrypto are used for polarssl_o_p_test only
> > -WANTLIB += c pthread
> > +WANTLIB= c pthread
>
>
On Tue 15/05/2018 13:56, Jeremie Courreges-Anglas wrote:
> On Mon, May 14 2018, Björn Ketelaars wrote:
> > Please find enclosed a diff for bringing mbedtls to 2.9.0, which fixes
> > various security issues, and bugs. See
> > https://tls.mbed.org/tech-updates/releases/mbedtls-2.9.0-2.7.3-and-2.1.12
On Mon, May 14 2018, Björn Ketelaars wrote:
> Please find enclosed a diff for bringing mbedtls to 2.9.0, which fixes
> various security issues, and bugs. See
> https://tls.mbed.org/tech-updates/releases/mbedtls-2.9.0-2.7.3-and-2.1.12-released
>
> Minor of mbedtls has been bumped as symbols have be
Please find enclosed a diff for bringing mbedtls to 2.9.0, which fixes
various security issues, and bugs. See
https://tls.mbed.org/tech-updates/releases/mbedtls-2.9.0-2.7.3-and-2.1.12-released
Minor of mbedtls has been bumped as symbols have been added.
make test runs successfully on amd64, as do
On Mon, Apr 02 2018, Björn Ketelaars wrote:
> On Mon 02/04/2018 17:45, Jeremie Courreges-Anglas wrote:
>> On Mon, Apr 02 2018, Björn Ketelaars wrote:
>> > Please find enclosed a diff for bringing mbedtls to 2.8.0, which fixes
>> > various security issues. See
>> > https://github.com/ARMmbed/mbedt
On Mon 02/04/2018 17:45, Jeremie Courreges-Anglas wrote:
> On Mon, Apr 02 2018, Björn Ketelaars wrote:
> > Please find enclosed a diff for bringing mbedtls to 2.8.0, which fixes
> > various security issues. See
> > https://github.com/ARMmbed/mbedtls/blob/development/ChangeLog
> >
> > Bumped minor
On Mon, Apr 02 2018, Björn Ketelaars wrote:
> Please find enclosed a diff for bringing mbedtls to 2.8.0, which fixes
> various security issues. See
> https://github.com/ARMmbed/mbedtls/blob/development/ChangeLog
>
> Bumped minor of mbedcrypto as symbols have been added.
>
> make test runs successf
Please find enclosed a diff for bringing mbedtls to 2.8.0, which fixes
various security issues. See
https://github.com/ARMmbed/mbedtls/blob/development/ChangeLog
Bumped minor of mbedcrypto as symbols have been added.
make test runs successfully. net/openvpn,mbedtls builds, and tests ok.
Comment
On 2018/02/06 07:09, Björn Ketelaars wrote:
> mbedtls (security/polarssl) has been updated to 2.7.0., which fixes
> CVE-2018-0488, CVE-2018-0487, and other security related issues.
> Changelog can be found at
> https://github.com/ARMmbed/mbedtls/blob/development/ChangeLog
>
> Bumped minor library
mbedtls (security/polarssl) has been updated to 2.7.0., which fixes
CVE-2018-0488, CVE-2018-0487, and other security related issues.
Changelog can be found at
https://github.com/ARMmbed/mbedtls/blob/development/ChangeLog
Bumped minor library number of mbedtls as functions have been added, and
bump
On Fri, Oct 20 2017, Juan Francisco Cantero Hurtado wrote:
[...]
> Works fine with hiawatha configured for https.
>
> Here is a new diff with a little change in CMakeLists.txt. The port was
> building with -O0.
Hah, I this why I couldn't reproduce. You used DEBUG=-g, didn't you?
cmake.port.mk
On Thu, Oct 19, 2017 at 09:51:29AM +0200, Jeremie Courreges-Anglas wrote:
>
> Here's an update to the latest version, tested on amd64. make test
> passes. Some symbols aren't exported any more in all three libraries,
> hence the major bump. Also a patch is needed to build the test suite,
> I to
Here's an update to the latest version, tested on amd64. make test
passes. Some symbols aren't exported any more in all three libraries,
hence the major bump. Also a patch is needed to build the test suite,
I took the simple approach. In the end libc may be a better place to
fix this.
I'd lik
On Sat, May 03, 2014 at 12:07:46PM +0200, Joachim Schipper wrote:
> PolarSSL has been updated, bringing some additional functionality.
> The PolarSSL maintainers believe that they have fixed the problem that
> we saw on sparc64, and would especially appreciate a re-test there.
> (Florian?)
I hear
PolarSSL has been updated, bringing some additional functionality.
This release rolls in our patches, using arc4random_buf() #ifdef
__OpenBSD__. I have removed our patches, and I have not added patches
for the two test programs that started using rand() (let me know if that
would be appreciated; t
39 matches
Mail list logo
