Mbed-TLS/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2026-06-05 21:15:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1466 from yanesca/1445_fix_signature_algorithm_injection

Browse Source 
Fix signature algorithm injection
This commit is contained in:
Ronald Cron
2026-03-17 17:10:00 +01:00
committed by GitHub
parent a08cff3d40 6714b39017
commit 9f19fe1874
7 changed files with 231 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files
ChangeLog.d/sig_algs_check.txt
+5
View File
@@ -0,0 +1,5 @@
Security
* Fix a bug in the TLS 1.2 client's signature algorithm check, which caused
the client to accept server key exchange messages signed with a signature
algorithm explicitly disallowed by the client. Found and reported by
EFR-GmbH and M. Heuft of Security-Research-Consulting GmbH. CVE-2026-25834