Fix potential double-free in ssl_set_psk()

commit: 5aff029f9d2b8db78da64655c6808a1dfac6f64f [log] [tgz]
author: Manuel Pégourié-Gonnard <mpg2@elzevir.fr> Mon Sep 28 18:09:45 2015 +0200
committer: Manuel Pégourié-Gonnard <mpg2@elzevir.fr> Thu Oct 01 09:58:50 2015 +0200
tree: e76f485c2898bf98045e359db1d6d7fdbf8ba0c7
parent: 9bf29bee22d85d370388683e708412bf0eecfc43 [diff] [blame]
diff --git a/ChangeLog b/ChangeLog
index 89caddb..14ae034 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -15,6 +15,9 @@
      on crafted PEM input data. Found an fix provided by Guid Vranken.
      Not triggerable remotely in TLS. Triggerable remotely if you accept PEM
      data from an untrusted source.
+   * Fix potential double-free if ssl_set_psk() is called repeatedly on
+     the same ssl_context object and some memory allocations fail.
+     Found by Guido Vranken. Can not be forced remotely.
 
 = mbed TLS 1.3.13 reladsed 2015-09-17
commit	5aff029f9d2b8db78da64655c6808a1dfac6f64f	[log] [tgz]
author	Manuel Pégourié-Gonnard <mpg2@elzevir.fr>	Mon Sep 28 18:09:45 2015 +0200
committer	Manuel Pégourié-Gonnard <mpg2@elzevir.fr>	Thu Oct 01 09:58:50 2015 +0200
tree	e76f485c2898bf98045e359db1d6d7fdbf8ba0c7
parent	9bf29bee22d85d370388683e708412bf0eecfc43 [diff] [blame]