commit | 5a9f46e57c8a8ee073e12a2f28cdde1ef136cb57 | [log] [tgz] |
---|---|---|
author | Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> | Tue Mar 13 11:53:30 2018 +0100 |
committer | Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> | Wed Mar 14 09:24:12 2018 +0100 |
tree | f371c90144531ebd5c980b6d09706fb876031dec | |
parent | 1a6ddb43827d87c687e835689f3d8632e5530115 [diff] [blame] |
x509: CRL: reject unsupported critical extensions
diff --git a/ChangeLog b/ChangeLog index 932e280..20ff7aa 100644 --- a/ChangeLog +++ b/ChangeLog
@@ -2,6 +2,10 @@ = mbed TLS x.x.x branch released xxxx-xx-xx +Security + * Fix CRL parsing to reject CRLs containing unsupported critical + extensions. Found by Falko Strenzke and Evangelos Karatsiolis. + Features * Extend PKCS#8 interface by introducing support for the entire SHA algorithms family when encrypting private keys using PKCS#5 v2.0.