Fix stack buffer overflow in pkcs12

commit: d02a1daca792e293c28760e3e3ab9897cee20bf9 [log] [tgz]
author: Manuel Pégourié-Gonnard <mpg2@elzevir.fr> Mon Sep 28 18:34:48 2015 +0200
committer: Manuel Pégourié-Gonnard <mpg2@elzevir.fr> Mon Sep 28 19:47:50 2015 +0200
tree: 2b5534e947417dc42bafbe3f5cbccab8d223e4c1
parent: f592e8eaf6f970489c57e02ac35c3f6721c51413 [diff] [blame]
diff --git a/ChangeLog b/ChangeLog
index c9e48e2..f2defa6 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -1,5 +1,12 @@
 mbed TLS ChangeLog (Sorted per branch, date)
 
+= mbed TLS 2.1.2 released 2015-??-??
+
+Security
+   * Fix stack buffer overflow in pkcs12 decryption (used by
+     mbedtls_pk_parse_key(file)() when the password is > 129 bytes.
+     Found by Guido Vranken. Not triggerable remotely.
+
 = mbed TLS 2.1.1 released 2015-09-17
 
 Security
commit	d02a1daca792e293c28760e3e3ab9897cee20bf9	[log] [tgz]
author	Manuel Pégourié-Gonnard <mpg2@elzevir.fr>	Mon Sep 28 18:34:48 2015 +0200
committer	Manuel Pégourié-Gonnard <mpg2@elzevir.fr>	Mon Sep 28 19:47:50 2015 +0200
tree	2b5534e947417dc42bafbe3f5cbccab8d223e4c1
parent	f592e8eaf6f970489c57e02ac35c3f6721c51413 [diff] [blame]