--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2018-044964688a
2018-05-29 11:19:31.979663
--------------------------------------------------------------------------------
Name : mbedtls
Product : Fedora 28
Version : 2.9.0
Release : 1.fc28
URL : https://tls.mbed.org/
Summary : Light-weight cryptographic and SSL/TLS library
Description :
Mbed TLS is a light-weight open source cryptographic and SSL/TLS
library written in C. Mbed TLS makes it easy for developers to include
cryptographic and SSL/TLS capabilities in their (embedded)
applications with as little hassle as possible.
FOSS License Exception:
https://tls.mbed.org/foss-license-exception
--------------------------------------------------------------------------------
Update Information:
Mbed TLS 2.9.0
==============

Description
-----------
Mbed TLS version 2.9.0 has now been released, in addition to maintenance
releases for Mbed TLS 2.1 and Mbed TLS 1.3. Mbed TLS 2.9.0 introduces some
minor functional improvements, including code size reductions with smaller AES
tables and initial support for Curve448, along with some security fixes and bug
fixes.

Security
--------
* (2.9, 2.7, 2.1) Fixed an issue in the X.509 module which could lead to a
  buffer overread during certificate validation. Additionally, the issue could
  also lead to unnecessary callback checks being made or to some validation
  checks being omitted. The overread could be triggered remotely, while the
  other issues would require a non DER-compliant certificate to be correctly
  signed by a trusted CA, or a trusted CA with a non DER-compliant certificate.
  Found by luocm. Fixes #825.
* (2.9, 2.7, 2.1) Fixed the buffer length assertion in the
  ssl_parse_certificate_request() function which could lead to an arbitrary
  overread of the message buffer. The overreads could be caused by receiving a
  malformed algorithms section which was too short. In builds with debug
  output, this overread data was output with the debug data.
* (2.9, 2.7, 2.1) Fixed a client-side bug in the validation of the server's
  ciphersuite choice which could potentially lead to the client accepting a
  ciphersuite it didn't offer or a ciphersuite that could not be used with the
  TLS or DTLS version chosen by the server. This could lead to corruption of
  internal data structures for some configurations.

Features
--------
* (2.9) Added an option, MBEDTLS_AES_FEWER_TABLES, to dynamically compute
  smaller AES tables during runtime, thereby reducing the RAM/ROM footprint by
  ~6KiB. Suggested and contributed by jkivilin.
* (2.9) Added initial support for Curve448 (RFC 7748). So far only
  mbedtls_ecp_mul() and the ECDH primitive functions
  (mbedtls_ecdh_gen_public(), mbedtls_ecdh_compute_shared()) are supported.
  Contributed by Nicholas Wilson.

API Changes
-----------
Mbed TLS 2.9.0 maintains source code and binary compatibility with the last
minor version, Mbed TLS 2.8.0, but extends the interface with additional
capabilities.
* (2.9) Extended the API with the function mbedtls_net_poll() to allow user
  applications to wait for a network context to become ready before reading or
  writing.
* (2.9) Added the function mbedtls_ssl_check_pending() to the public API to
  allow a check for whether more data is pending to be processed in the
  internal message buffers. This function is necessary to decide whether to
  wait on the underlying transport when event-driven I/O is used.

Bugfix
------
* (2.9, 2.7) Fixed a spurious uninitialized variable warning in cmac.c. Fix
  independently contributed by Brian J Murray and David Brown.
* (2.9, 2.7, 2.1) Added missing dependencies in test suites that led to build
  failures in configurations that omit certain hashes or public-key
  algorithms. Fixes #1040.
* (2.9, 2.7) Fixed a C89 incompatibility issue in benchmark.c. Contributed by
  Brendan Shanks. Fixes #1353.
* (2.9, 2.7, 2.1) Added missing dependencies for MBEDTLS_HAVE_TIME_DATE and
  MBEDTLS_VERSION_FEATURES in some test suites. Contributed by Deomid Ryabkov.
  Fixes #1299, #1475.
* (2.9, 2.7, 2.1) Fixed the Makefile build process for building shared
  libraries on Mac OS X. Fixed by mnacamura.
* (2.9, 2.7, 2.1) Fixed parsing of PKCS#8 encoded Elliptic Curve keys.
  Previously Mbed TLS was unable to parse keys which had only the optional
  parameters field of the ECPrivateKey structure. Found by Jethro Beekman,
  fixed in #1379.
* (2.9, 2.7, 2.1) Added an optimisation to return the plaintext data more
  quickly on unpadded CBC decryption, as stated in the mbedtls_cipher_update()
  documentation. Contributed by Andy Leiserson.
* (2.9, 2.7, 2.1) Fixed the overriding and ignoring of return values when
  parsing and writing to a file in the pk_sign program. Found by kevlut in
  #1142.
* (2.9) Restricted the use of the error code MBEDTLS_ERR_SSL_WANT_READ to
  situations where data needs to be fetched from the underlying transport in
  order to make progress. Previously, this error code was also occasionally
  returned when unexpected messages were being discarded, ignoring that further
  messages could already be pending to be processed in the internal buffers;
  these cases led to deadlocks when event-driven I/O was used. Found and
  reported by Hubert Mis in #772.
* (2.9, 2.7, 2.1) Fixed buffer length assertions in the
  ssl_parse_certificate_request() function which led to a potential one byte
  overread of the message buffer.
* (2.9, 2.7, 2.1) Fixed invalid buffer sizes being passed to zlib during record
  compression and decompression.
* (2.9) Raised the soversion of libmbedcrypto to match the soversion of the
  maintained 2.7 branch. The soversion was increased in Mbed TLS version 2.7.1
  to reflect breaking changes in that release, but the increment was missed in
  2.8.0 and later releases outside of the 2.7 branch.

Changes
-------
* (2.9) Removed some redundant code in bignum.c. Contributed by Alexey
  Skalozub.
* (2.9, 2.7) Added support for cmake builds where Mbed TLS is a subproject.
  Fix contributed independently by Matthieu Volat and Arne Schwabe.
* (2.9, 2.7, 2.1) Improved the testing of configurations that omit certain
  hashes or public-key algorithms. Includes contributions by Gert van Dijk.
* (2.9, 2.7, 2.1) Improved negative testing of X.509 parsing.
* (2.9, 2.7, 2.1) Does not define global mutexes for readdir() and gmtime() in
  configurations where the feature is disabled. Found and fixed by Gergely
  Budai.
* (2.9) Hardened the function mbedtls_ssl_config_free() against misuse, so
  that it doesn't leak memory if the user doesn't use mbedtls_ssl_conf_psk()
  and instead incorrectly manipulates the configuration structure directly.
  Found and fix submitted by junyeonLEE in #1220.
* (2.9, 2.7, 2.1) Provided an empty implementation of mbedtls_pkcs5_pbes2()
  when MBEDTLS_ASN1_PARSE_C is not enabled. This allows the use of PBKDF2
  without PBES2. Fixed by Marcos Del Sol Vives.
* (2.9) Added the order of the base point as N in the mbedtls_ecp_group
  structure for Curve25519, which other curves already had. Contributed by
  Nicholas Wilson in #481.
* (2.9, 2.7, 2.1) Improved the documentation of mbedtls_net_accept().
  Contributed by Ivan Krylov.
* (2.9, 2.7, 2.1) Improved the documentation of mbedtls_ssl_write(). Suggested
  by Paul Sokolovsky in #1356.
* (2.9, 2.7, 2.1) Added an option in the Makefile to support ar utilities
  where the operation letter must not be prefixed by '-', such as LLVM. Found
  and fixed by Alex Hixon.
* (2.9, 2.7, 2.1) Added the ability to configure the shared library extension
  by setting the DLEXT environment variable when using the project makefiles.
* (2.9) Optimized unnecessary zeroing in mbedtls_mpi_copy(). Based on a
  contribution by Alexey Skalozub in #405.
* (2.9, 2.7, 2.1) Changed the SSL module such that when f_send, f_recv or
  f_recv_timeout report transmitting more than the required length, they now
  return an error. Raised by Sam O'Connor in #1245.
* (2.9, 2.7, 2.1) Improved the robustness of mbedtls_ssl_derive_keys() against
  the use of HMAC functions with non-HMAC ciphersuites. Independently
  contributed by Jiayuan Chen. Fixes #1437.
* (2.9) Improved security of RSA key generation by including criteria from
  FIPS 186-4. Contributed by Jethro Beekman in #1380.
* (2.9) Added declarations of functions in header files even when an
  alternative implementation of the corresponding module uses an
  MBEDTLS_..._ALT macro. This means that alternative implementations no longer
  need to copy the declarations, and ensures that they will have the same API.
* (2.9) Added platform setup and teardown calls in test suites, for
  consistency, and to allow the test suites to work on platforms with
  cryptographic acceleration.
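The receive loop that the 2.9.0 additions mbedtls_net_poll() and mbedtls_ssl_check_pending() make possible, and that the narrowed meaning of MBEDTLS_ERR_SSL_WANT_READ relies on, as an added example that is not part of this notification or of the Mbed TLS project. The three library calls are passed in as callbacks (an assumption made so the loop runs without linking the library), and ssl_ops, recv_event_driven and fake_conn are names invented here; the stand-in connection is constructed for the example.

```c
#include <stddef.h>
#include <stdint.h>
#define MBEDTLS_ERR_SSL_WANT_READ (-0x6900)   /* values from the 2.9.0 headers */
#define MBEDTLS_NET_POLL_READ     1
/* The three library calls the loop needs, as callbacks so it runs without
   linking the library; in a real build wrap mbedtls_ssl_read(),
   mbedtls_ssl_check_pending() and mbedtls_net_poll() (the last two are new in 2.9.0). */
typedef struct {
    int (*ssl_read)(void *ssl, unsigned char *buf, size_t len);
    int (*check_pending)(void *ssl);  /* 1 if the SSL layer holds unprocessed data */
    int (*net_poll)(void *net, uint32_t rw, uint32_t timeout_ms);
} ssl_ops;
/* Returns bytes read into out[] or a negative library error. `polls` counts how
   often the loop blocked on the socket, which must happen only when the library
   needs more transport bytes and nothing is left in its internal buffers. */
int recv_event_driven(const ssl_ops *ops, void *ssl, void *net, unsigned char *out,
                      size_t cap, uint32_t timeout_ms, int *polls)
{
    size_t got = 0;
    *polls = 0;
    while (got < cap) {
        int ret = ops->ssl_read(ssl, out + got, cap - got);
        if (ret > 0) {
            got += (size_t)ret;
            /* Several records often arrive in one transport read; polling now
               would wait for bytes already inside the library, so ask it first. */
            if (ops->check_pending(ssl)) continue;
        } else if (ret == 0) {
            break;                              /* peer closed */
        } else if (ret != MBEDTLS_ERR_SSL_WANT_READ) {
            return ret;                         /* genuine error */
        }
        (*polls)++;
        ret = ops->net_poll(net, MBEDTLS_NET_POLL_READ, timeout_ms);
        if (ret < 0) return ret;
        if (ret == 0) break;                    /* timed out: nothing more */
    }
    return (int)got;
}
/* Constructed stand-in (not real Mbed TLS): `buffered` records already sit in
   the SSL-layer buffer and the socket itself never becomes readable. */
typedef struct { int buffered; } fake_conn;
static int fake_ssl_read(void *s, unsigned char *b, size_t n) {
    fake_conn *c = s;
    if (c->buffered == 0) return MBEDTLS_ERR_SSL_WANT_READ;
    c->buffered--; if (n) b[0] = 'x';            /* one plaintext byte per record */
    return 1;
}
static int fake_check_pending(void *s) { return ((fake_conn *)s)->buffered > 0; }
static int fake_net_poll(void *n, uint32_t rw, uint32_t t) { (void)n; (void)rw; (void)t; return 0; }
```

With three records already buffered and an idle socket, the loop delivers all three and only then waits on the transport; a loop that polled after every record would block on the first one.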
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 16 2018 Morten Stevens <mstevens(a)fedoraproject.org> - 2.9.0-1
- Update to 2.90
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1575175 - mbedtls-2.9.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1575175
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2018-044964688a' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------