Mbed-TLS/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2026-06-05 21:15:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

sig_algs: add ChangeLog

Browse Source 
Signed-off-by: Janos Follath <janos.follath@arm.com>
This commit is contained in:
Janos Follath
2026-01-23 16:31:53 +00:00
parent 475ac34e1f
commit f68d402029
1 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
ChangeLog.d/sig_algs_check.txt
+5
View File
@@ -0,0 +1,5 @@
Security
* Fix a bug in the TLS 1.2 client's signature algorithm check, which caused
the client to accept server key exchange messages signed with a signature
algorithm explicitly disallowed by the client. Found and reported by
EFR-GmbH and M. Heuft of Security-Research-Consulting GmbH. CVE-2026-25834