Merge fix for IOTSSL-480 - base64 overflow issue

2026-02-19 08:43:02 +00:00 · 2015-10-05 09:54:11 +01:00
parent a45aa1399b 0aa45c209a
commit 6418ffaadb
4 changed files with 48 additions and 25 deletions
--- a/7
+++ b/7
@@ -29,6 +29,13 @@ Changes

 = mbed TLS 2.1.1 released 2015-09-17

+Security
+   * Fix possible heap buffer overflow in base64_encoded() when the input
+     buffer is 512MB or larger on 32-bit platforms.
+     Found by Guido Vranken. Not trigerrable remotely in TLS.
+
+= mbed TLS 2.1.1 released 2015-09-17
+
 Security
   * Add countermeasure against Lenstra's RSA-CRT attack for PKCS#1 v1.5
     signatures. (Found by Florian Weimer, Red Hat.)