lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-08-13 03:22:25 +03:00
Code Activity

Add change log

Browse Source 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This commit is contained in:
Ronald Cron
2022-06-17 17:23:06 +02:00
parent 30c5a2520e
commit c3e9abedff
1 changed files with 7 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
ChangeLog.d/tls13-fix-key-usage-checks.txt Normal file
View File

@@ -0,0 +1,7 @@
Security
* Fix check of certificate key usage in TLS 1.3. The usage of the public key
provided by a client or server certificate for authentication was not
checked properly when validating the certificate. This could cause a
client or server to be able to authenticate itself through a certificate
to an Mbed TLS TLS 1.3 server or client while it does not own a proper
certificate to do so.