13 matches found
OPENSUSE-SU-2024:0037-1 Security update for mbedtls
This update for mbedtls fixes the following issues: - Update to version 2.28.7: - Resolves CVE-2024-23170 (boo#1219336) - Update to 2.28.6: Changes: Mbed TLS is now released under a dual Apache-2.0 OR GPL-2.0-or-later license. Users may choose which license they take the code under. - Update to...
OPENSUSE-SU-2022:10247-1 Security update for mbedtls
This update for mbedtls fixes the following issues: - CVE-2022-35409: Fixed buffer overread in DTLS ClientHello parsing (boo#1201581)...
OPENSUSE-SU-2021:1389-1 Security update for mbedtls
This update for mbedtls fixes the following issues: CVE-2021-24119: Fixed side-channel vulnerability in base64 PEM (boo#1189589). Guard against strong local side channel attack against base64 tables by making access to them use constant flow code...
OPENSUSE-SU-2021:1355-1 Security update for mbedtls
This update for mbedtls fixes the following issues: CVE-2021-24119: Fixed side-channel vulnerability in base64 PEM (boo#1189589). Guard against strong local side channel attack against base64 tables by making access to them use constant flow code. This update was imported from the...
MGASA-2020-0469 Updated mbedtls packages fix security vulnerabilities
This update provides security bug fixes and minor enhancements. Limit the size of calculations performed by mbedtls_mpi_exp_mod to MBEDTLS_MPI_MAX_SIZE to prevent a potential denial of service when generating Diffie-Hellman key pairs. A failure of the random generator was ignored in mbedtls_mpi_fill_rando...
MGASA-2020-0370 Updated mbedtls packages fix security vulnerabilities
mbedtls 2.16.8 fixes three security vulnerabilities which could affect earlier releases: Local side channel attack on classical CBC decryption in DTLS (CVE-2020-16150). Local side channel attack on RSA and static Diffie-Hellman. Protocol weakness in DHE-PSK key exchange...
MGASA-2020-0053 Updated mbedtls packages fix security vulnerabilities
This update from mbedTLS 2.16.2 to mbedTLS 2.16.4 fixes several security vulnerabilities, among which: The deterministic ECDSA calculation reused the scheme's HMAC-DRBG to implement blinding. Because of this, for the same key and message, the same blinding value was generated. This reduced the...
OPENSUSE-SU-2018:1039-1 Security update for mbedtls
This update for mbedtls fixes the following issues: Security issues fixed: - CVE-2018-9988: Fixed buffer over-read in ssl_parse_server_key_exchange that could cause a crash on invalid input (boo#1089022). - CVE-2018-9989: Fixed buffer over-read in ssl_parse_server_psk_hint that could cause a crash on invali...
OPENSUSE-SU-2018:1041-1 Security update for mbedtls
This update for mbedtls fixes the following issues: Security issues fixed: - CVE-2018-9988: Fixed buffer over-read in ssl_parse_server_key_exchange that could cause a crash on invalid input (boo#1089022). - CVE-2018-9989: Fixed buffer over-read in ssl_parse_server_psk_hint that could cause a crash on invali...
OPENSUSE-SU-2018:0491-1 Security update for mbedtls
This update for mbedtls fixes the following issues: - CVE-2018-0487: Fixed a buffer overflow in RSASSA-PSS signature verification, which allowed remote attackers to execute arbitrary code or cause a denial of service via a crafted certificate chain (boo#1080826). - CVE-2018-0488: Fixed a heap...
OPENSUSE-SU-2018:0488-1 Security update for mbedtls
This update for mbedtls fixes the following issues: - CVE-2018-0487: Fixed a buffer overflow in RSASSA-PSS signature verification, which allowed remote attackers to execute arbitrary code or cause a denial of service via a crafted certificate chain (boo#1080826). - CVE-2018-0488: Fixed a heap...
OPENSUSE-SU-2017:2731-1 Security update for mbedtls
This update for mbedtls fixes the following issues: - CVE-2017-14032: Possible authentication bypass of peer based authentication when auth mode is configured as 'optional' (boo#1056544)...
Security update for mbedtls (important)
This update to mbedtls 1.3.19 fixes security issues and bugs. The following vulnerability was fixed: CVE-2017-2784: A remote user could have used a specially crafted certificate to cause mbedtls to free a buffer allocated on the stack when verifying the validity of public key with a secp224k1...