TeamHepta/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2026-05-03 16:50:18 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
fc317141feee2f91c4c154fc80cfe6273fc36685
mbedtls/ChangeLog.d/context_load_and_session_load_documentation.txt
Minos Galanakis feb0dd04ba Extended attributions & CVE 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2026-03-26 15:03:07 +00:00

9 lines
481 B
Plaintext
Raw Blame History

Security
* The documentation of mbedtls_ssl_session_save(),
mbedtls_ssl_session_load(), mbedtls_ssl_context_save(), and
mbedtls_ssl_context_load() has been updated to clarify the responsibility
of the application to preserve the confidentiality and integrity of
serialized data, mitigating the risk of misuse of these APIs.
Credit to Haruto Kimura (Stella) and Eva Crystal (0xiviel) for
highlighting risks associated with tampered serialized data.
Reference in New Issue View Git Blame Copy Permalink