Tuesday, September 08, 2020

Re: SECURITY UPDATE security/polarssl

On Wed 02/09/2020 17:41, Bjorn Ketelaars wrote:
> Diff below updates mbedtls to 2.16.8, which is a security update and
> addresses:
> - Local side channel attack on RSA and static Diffie-Hellman
> - Local side channel attack on classical CBC decryption in (D)TLS
>
> Other changes are listed at
> https://github.com/ARMmbed/mbedtls/blob/mbedtls-2.16.8/ChangeLog
>
> Minor of libmbedtls has been bumped because of the addition of a symbol.
>
> 'make test' runs successfully. Run tested in combination with openvpn.
>
> I think it makes sense to backport this update to 6.8.
>
> Comments/OK


Ping!

No comments:

Post a Comment