commit 9a1396bfcc2bc2c43aa94f2fdffcfb4341c229b7
author Ronald Cron <ronald.cron@arm.com> Wed Nov 16 11:04:48 2022 +0100
committer Ronald Cron <ronald.cron@arm.com> Wed Nov 16 11:04:48 2022 +0100
tree 17777d392f961c7270e68a53aa9682a47084546e
parent e9f92c4fbc212390cf104185222f83bb9eba5bd9

Add ChangeLog

Signed-off-by: Ronald Cron <ronald.cron@arm.com>

ChangeLog.d/fix-in-cid-buffer-size.txt

diff --git a/ChangeLog.d/fix-in-cid-buffer-size.txt b/ChangeLog.d/fix-in-cid-buffer-size.txt
new file mode 100644
index 0000000..c8ede1f
--- /dev/null
+++ b/ChangeLog.d/fix-in-cid-buffer-size.txt
@@ -0,0 +1,15 @@
+Bugfix
+    * Fix potential buffer overflow in DTLS with MBEDTLS_SSL_DTLS_CONNECTION_ID
+      enabled leading to context corruption.
+
+Security
+    * Fix potential memory probe through non-constant time memcmp() in DTLS
+      with MBEDTLS_SSL_DTLS_CONNECTION_ID enabled. The memory probe is possible
+      only under very specific and unlikely conditions:
+      2 * MBEDTLS_SSL_CID_OUT_LEN_MAX < MBEDTLS_SSL_CID_IN_LEN_MAX if
+      MBEDTLS_SSL_CONTEXT_SERIALIZATION is disabled,
+      MBEDTLS_SERVER_HELLO_RANDOM_LEN + MBEDTLS_CLIENT_HELLO_RANDOM_LEN +
+      2 * MBEDTLS_SSL_CID_OUT_LEN_MAX < MBEDTLS_SSL_CID_IN_LEN_MAX if
+      MBEDTLS_SSL_CONTEXT_SERIALIZATION is enabled. Those conditions are not
+      met with the default values of MBEDTLS_SSL_CID_IN_LEN_MAX and
+      MBEDTLS_SSL_CID_OUT_LEN_MAX where the two maximum lengths are equal.