3771206fa2
This fixes the following security problems: * In earlier versions of wolfSSL there exists a potential man in the middle attack on TLS 1.3 clients. * Denial of service attack on TLS 1.3 servers from repetitively sending ChangeCipherSpecs messages. (CVE-2020-12457) * Potential cache timing attacks on public key operations in builds that are not using SP (single precision). (CVE-2020-15309) * When using SGX with EC scalar multiplication the possibility of side- channel attacks are present. * Leak of private key in the case that PEM format private keys are bundled in with PEM certificates into a single file. * During the handshake, clear application_data messages in epoch 0 are processed and returned to the application. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> |
||
|---|---|---|
| .. | ||
| 100-disable-hardening-check.patch | ||
| 110-fix-build-on-big-endian.patch | ||