mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-08-10 05:03:02 +03:00

Merge pull request #9087 from ronald-cron-arm/add-cve-2024-30166-ref

ChangeLog: Add missing reference to CVE in security entry
Gilles Peskine
2024-05-02 15:47:43 +00:00
committed by GitHub


@@ -144,6 +144,7 @@ Security
* Fix a stack buffer overread (less than 256 bytes) when parsing a TLS 1.3
ClientHello in a TLS 1.3 server supporting some PSK key exchange mode. A
malicious client could cause information disclosure or a denial of service.
Fixes CVE-2024-30166.
* Passing buffers that are stored in untrusted memory as arguments
to PSA functions is now secure by default.
The PSA core now protects against modification of inputs or exposure
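Review bot: In the TLS 1.3 ClientHello overread entry, the "Fixes CVE-2024-30166." line gives readers an identifier they will use for triage, but the entry still says only "some PSK key exchange mode", which does not tell an integrator whether their server configuration is exposed. Consider naming the PSK key exchange modes concerned in the same entry, so the CVE reference and the condition for being affected can be read together. Placing the reference as the last sentence of the entry, before the next bullet, is fine.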