Package: libmbedcrypto0
Version: 2.4.0-1
Severity: grave
Tags: security
Control: clone -1 -2
Control: reassign -2 libpolarssl7 1.3.9-2.1+deb8u1
Control: retitle -2 polarssl: CVE-2017-2784 - Freeing of memory allocated on stack when validating a public key with a secp224k1 curve
Hi all,

This security advisory was recently published and contains one "high" severity bug:

https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2017-01

The security changelog for 2.4.2 also contains fixes for some other bugs as well. The 3rd bug (relating to SLOTH) does not affect polarssl.

= mbed TLS 2.4.2 branch released 2017-03-08

Security
   * Add checks to prevent signature forgeries for very large messages while
     using RSA through the PK module in 64-bit systems. The issue was caused by
     some data loss when casting a size_t to an unsigned int value in the
     functions rsa_verify_wrap(), rsa_sign_wrap(), rsa_alt_sign_wrap() and
     mbedtls_pk_sign(). Found by Jean-Philippe Aumasson.
   * Fixed potential livelock during the parsing of a CRL in PEM format in
     mbedtls_x509_crl_parse(). A string containing a CRL followed by trailing
     characters after the footer could result in the execution of an infinite
     loop. The issue can be triggered remotely. Found by Greg Zaverucha,
     Microsoft.
   * Removed MD5 from the allowed hash algorithms for CertificateRequest and
     CertificateVerify messages, to prevent SLOTH attacks against TLS 1.2.
     Introduced by interoperability fix for #513.
   * Fixed a bug that caused freeing a buffer that was allocated on the stack,
     when verifying the validity of a key on secp224k1. This could be triggered
     remotely for example with a maliciously constructed certificate and
     potentially could lead to remote code execution on some platforms.
     Reported independently by rongsaws and Aleksandar Nikolic, Cisco Talos
     team. #569 CVE-2017-2784

Thanks,
James
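The first changelog entry above describes a length being narrowed from size_t to unsigned int, so that on a 64-bit system a very large message length loses its high bits before it reaches the underlying RSA routine. The following added example (written for this page, not mbed TLS code; the function names, the error code and the sample length are constructed) shows the unchecked conversion beside a wrapper that refuses any length the narrower type cannot represent, which is the shape of the check the entry says was added.

```c
#include <stddef.h>
#include <stdint.h>
#include <limits.h>
#include <stdio.h>

/* Hypothetical error code for this example (not an mbed TLS constant). */
#define ERR_BAD_INPUT_LENGTH (-1)

/* Stand-in for a lower-level routine that only takes an unsigned int length.
 * It returns the length it received so the narrowing is observable. */
static unsigned int lower_level_api_len(unsigned int len) {
    return len;
}

/* Unchecked wrapper: the size_t -> unsigned int cast silently drops the high
 * bits on platforms where size_t is wider than unsigned int, so an overlong
 * input is handed down as a small one. */
unsigned int unchecked_wrap(size_t len) {
    return lower_level_api_len((unsigned int) len);
}

/* Checked wrapper: reject any length that would not survive the cast, and
 * only then call the narrower API. Returns 0 on success. */
int checked_wrap(size_t len, unsigned int *out) {
#if SIZE_MAX > UINT_MAX
    if (len > (size_t) UINT_MAX)
        return ERR_BAD_INPUT_LENGTH;
#endif
    *out = lower_level_api_len((unsigned int) len);
    return 0;
}

/* Constructed sample length: bits above 32 set, low 32 bits equal to 16.
 * On a 32-bit size_t no such value exists, so plain 16 is returned. */
size_t constructed_large_len(void) {
#if SIZE_MAX > UINT_MAX
    return ((size_t) 1 << 32) + 16;
#else
    return 16;
#endif
}

int main(void) {
    unsigned int narrowed;
    size_t len = constructed_large_len();

    printf("input length        : %zu\n", len);
    printf("unchecked wrapper   : %u\n", unchecked_wrap(len));

    if (checked_wrap(len, &narrowed) == ERR_BAD_INPUT_LENGTH)
        printf("checked wrapper     : rejected (would truncate)\n");
    else
        printf("checked wrapper     : %u\n", narrowed);
    return 0;
}
```

On a 64-bit build the unchecked wrapper reports a length of 16 for an input of 4294967312, while the checked wrapper returns the error instead of passing the narrowed value on; on a 32-bit build both wrappers agree because no length can exceed UINT_MAX there.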