Advisories » MGASA-2016-0249

Updated mbedtls packages fix security vulnerabilities

Publication date: 08 Jul 2016
Modification date: 08 Jul 2016
Type: security
Affected Mageia releases : 5

Description

Updated mbedtls packages fix security vulnerabilities:

The mbedtls package has been updated to version 1.3.17, which fixes a few minor
security issues in mbedtls_rsa_rsaes_pkcs1_v15_encrypt() and
mbedtls_rsa_rsaes_oaep_encrypt() and fixes a handful of other bugs as well.

See the upstream release announcement for details.
                

References

• https://bugs.mageia.org/show_bug.cgi?id=18874
• https://tls.mbed.org/tech-updates/releases/mbedtls-2.3.0-2.1.5-and-1.3.17-released

SRPMS

5/core

• mbedtls-1.3.17-1.mga5