mbedtls: security bump to version 2.7.5 (7a7a1591) · Commits · Arm Reference Solutions / buildroot

Commit 7a7a1591 authored Aug 24, 2018 by Peter Korsgaard Committed by Thomas Petazzoni Aug 24, 2018

mbedtls: security bump to version 2.7.5

Fixes the following security issues:

- CVE-2018-0497: Remote plaintext recovery on use of CBC based ciphersuites
  through a timing side-channel

- CVE-2018-0498: Plaintext recovery on use of CBC based ciphersuites through
  a cache based side-channel

For more info, see the advisory:
https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-02



Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

parent 182a6c23

Hide whitespace changes

Inline Side-by-side

Please register or to comment