TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls.git / 2a740611987f3b189b230b021af41fcd2496bc70^! / . / ChangeLog
commit2a740611987f3b189b230b021af41fcd2496bc70[log] [tgz]
authorGilles Peskine <Gilles.Peskine@arm.com>Fri Mar 23 02:28:33 2018 +0100
committerGilles Peskine <Gilles.Peskine@arm.com>Fri Mar 23 02:28:33 2018 +0100
tree800cd9ea3532f6f530bb2a84f634a4f6742a2b99
parent503047f82455724f42448712f5b67c973663ea89 [diff] [blame]
parent1c986a9859f9456af999d16ba5056914669689fc [diff] [blame]
Merge tag 'mbedtls-2.1.11' into iotssl-1381-x509-verify-refactor-2.1-restricted

Conflict resolution:

* ChangeLog
* tests/data_files/Makefile: concurrent additions, order irrelevant
* tests/data_files/test-ca.opensslconf: concurrent additions, order irrelevant
* tests/scripts/all.sh: one comment change conflicted with a code
  addition. In addition some of the additions in the
  iotssl-1381-x509-verify-refactor-restricted branch need support for
  keep-going mode, this will be added in a subsequent commit.

diff --git a/ChangeLog b/ChangeLog
index 2c4d626..29ccd2c 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -1,6 +1,16 @@
 mbed TLS ChangeLog (Sorted per branch, date)
 
-= mbed TLS 2.1.11 branch released xxxx-xx-xx
+= mbed TLS 2.1.x branch released xxxx-xx-xx
+
+Security
+   * Fix a bug in the X.509 module potentially leading to a buffer overread
+     during CRT verification or to invalid or omitted checks for certificate
+     validity. The former can be triggered remotely, while the latter requires
+     a non DER-compliant certificate correctly signed by a trusted CA, or a
+     trusted CA with a non DER-compliant certificate. Found by luocm on GitHub.
+     Fixes #825.
+
+= mbed TLS 2.1.11 branch released 2018-03-16
 
 Default behavior changes
    * The truncated HMAC extension now conforms to RFC 6066. This means
@@ -17,12 +27,21 @@
      implementation allowed an offline 2^80 brute force attack on the
      HMAC key of a single, uninterrupted connection (with no
      resumption of the session).
-   * Fix a bug in the X.509 module potentially leading to a buffer overread
-     during CRT verification or to invalid or omitted checks for certificate
-     validity. The former can be triggered remotely, while the latter requires
-     a non DER-compliant certificate correctly signed by a trusted CA, or a
-     trusted CA with a non DER-compliant certificate. Found by luocm on GitHub.
-     Fixes #825.
+   * Verify results of RSA private key operations to defend
+     against Bellcore glitch attack.
+   * Fix a buffer overread in ssl_parse_server_key_exchange() that could cause
+     a crash on invalid input.
+   * Fix a buffer overread in ssl_parse_server_psk_hint() that could cause a
+     crash on invalid input.
+   * Fix CRL parsing to reject CRLs containing unsupported critical
+     extensions. Found by Falko Strenzke and Evangelos Karatsiolis.
+
+Features
+   * Extend PKCS#8 interface by introducing support for the entire SHA
+     algorithms family when encrypting private keys using PKCS#5 v2.0.
+     This allows reading encrypted PEM files produced by software that
+     uses PBKDF2-SHA2, such as OpenSSL 1.1. Submitted by Antonio Quartulli,
+     OpenVPN Inc. Fixes #1339
 
 Bugfix
    * Fix assembly sequences in bn_mul.h and aesni.c to avoid segmentation
@@ -34,6 +53,35 @@
      In the context of SSL, this resulted in handshake failure. Reported by
      daniel in the Mbed TLS forum. #1351
    * Fix Windows x64 builds with the included mbedTLS.sln file. #1347
+   * Fix setting version TLSv1 as minimal version, even if TLS 1
+     is not enabled. Set MBEDTLS_SSL_MIN_MAJOR_VERSION
+     and MBEDTLS_SSL_MIN_MINOR_VERSION instead of
+     MBEDTLS_SSL_MAJOR_VERSION_3 and MBEDTLS_SSL_MINOR_VERSION_1. #664
+   * Fix compilation error on Mingw32 when _TRUNCATE is defined. Use _TRUNCATE
+     only if __MINGW32__ not defined. Fix suggested by Thomas Glanzmann and
+     Nick Wilson on issue #355
+   * In test_suite_pk, pass valid parameters when testing for hash length
+     overflow. #1179
+   * Fix memory allocation corner cases in memory_buffer_alloc.c module. Found
+     by Guido Vranken. #639
+   * Log correct number of ciphersuites used in Client Hello message. #918
+   * Fix the entropy.c module to ensure that mbedtls_sha256_init() or
+     mbedtls_sha512_init() is called before operating on the relevant context
+     structure. Do not assume that zeroizing a context is a correct way to
+     reset it. Found independently by ccli8 on Github.
+   * In mbedtls_entropy_free(), properly free the message digest context.
+   * Fix memory leak in RSA self test.
+   * Fix X509 CRT parsing that would potentially accept an invalid tag when
+     parsing the subject alternative names.
+   * Fix a possible arithmetic overflow in ssl_parse_server_key_exchange()
+     that could cause a key exchange to fail on valid data.
+   * Fix a possible arithmetic overflow in ssl_parse_server_psk_hint() that
+     could cause a key exchange to fail on valid data.
+   * Fix a 1-byte heap buffer overflow (read-only) during private key parsing.
+     Found through fuzz testing.
+
+Changes
+   * Clarified the documentation of mbedtls_ssl_setup.
 
 = mbed TLS 2.1.10 branch released 2018-02-03